Trusting the Web Site User

Sometimes a particular user action might have serious results, e.g. deleting data.

How do you decide when to step in and help the user be sure they know what they’re doing?

How much help is too much?

Example of too little trust

I’m using a work laptop running Win2k.

If I create a folder in CAPS, it ‘helps’ me by changing my folder name to initial capitals e.g. “NAFTA” to “Nafta”.
What could it do better?

  1. It could leave me the hell alone. I’m the one naming the folder. If I want a folder name in caps, it’s my choice and my responsibility.
  2. It could change it to initial capital – ONCE. But if I rename it back to “NAFTA”, it should respect my wishes. (Win2000 fails to do this. It thinks that, even if I actively rename a folder to a term in full caps, I’m probably mistaken!)
  3. It could use some intelligence and look the word up in a dictionary. If it doesn’t recognise the word, leave it alone. If it does recognise it, change it for me, but only once.

Too little trust 2

I used go on a networking website called Ecademy.

When I posted a blog on this site, there was only a Preview button.
What you have to do is preview first, to check the layout, then you get (re)Preview and Submit options.
The blog is only posted when you submit.

I have lost messages on at least 3 occasions because of this over-cautious behaviour!
The problem would be lessened if the result page after clicking ‘Preview’ had a bright red banner saying “STOP, you haven’t submitted your message yet!!”.

What should they do?
Users have the ability to edit their blog messages, so why not trust them to check it themselves?

Example of enough trust

In this screenform, the user can delete records from a database by selecting one or more checkboxes, and clicking the button.

Trusting the user: Deleting records wtih 2 actions

In this case, because the user has to do two separate actions, there is no ‘Are you sure..?’ prompt.
That would be too much ‘help’.

It can sometimes be appropriate to present an ‘Are you sure..?’.
The decision comes down to a combination of: likelihood of triggering the action in error, and severity of the consequences.

The Percentage Game

If in doubt, play a percentage game:
Estimate the chance that a user triggering an action (e.g. delete) is doing it in error, and multiply that by the pain caused (the severity of the consequences, out of 100).

e.g. Taking the form above, there’s a probability of 1% that someone clicking the button doesn’t mean to delete the records.
Multiplied by a pain of 60/100, .01 x 60 = 0.6 likely pain.

Compare that with: the probability that the user isn’t making a mistake, multiplied by the pain of having to click the confirmation.
In this case, it might be 99% probability x 5/100 likely pain, gives .99 x 5 = 4.95 likely pain.

The prompt is therefore about 8x more inconvenient than having the chance to make a mistake.
That’s why, in that case, it’s better to trust the user.

About the author