Making the "Expired Passwords" Interface Less Annoying

If you have ever set up expiration dates for your passwords using Password Vault, then you know what I am talking about. Every two hours a window pops up saying that you have passwords that have expired or are about to expire. The window usually steals focus from whatever you were working on. This can be an irritating experience. After all, stealing focus is a big no-no in UI design. If you are designing software, then memorize this rule: don't steal the user's focus. So why does Password Vault do it? Well, it could be argued that passwords expiring can be a serious situation (depending on how important the passwords are), so an aggresive UI is warranted. But the main reason I thought that Password Vault could get away with it is that it really only happens temporarily. Once you change your password, you won't be bothered any more.

To tell the truth, I receive very few complaints about this UI, so maybe this reasoning is sound. (If you have strong feelings one way or the other, please share them in the comments.) But I personally find this window's focus-stealing behavior quite objectionable. And I see it often enough (because I use my own product every day), that I realized that a change had to be made. So what could be done to make the Expired Passwords interface less annoying?

To begin answering that question, I first looked into alternative types of interfaces. One of the main requirements of the Expired Passwords interface is that the user must be able to see it whether the main window is visible or not. Besides a window, the only type of interface that would work in both situations is a notification balloon (to be shown from the Password Vault icon in the notification area). Balloons can be very useful, but they can also be easily abused by developers, and indeed they are. In general, users don't like balloons for this very reason. They dislike them so much that Microsoft has listened and is taking action in Windows 7 (the next version of Windows). Specifically, all notification icons for programs will be hidden by default; users will have to explicitly choose which icons they want to see. No icons means no balloons by default. Additionally, Windows will disable all balloons for the first few hours the first time Windows is run. The idea here is to curb the avalanche of advertisements and other superfluous messages from software (affectionately referred to as "crapware") that comes pre-installed on new computers. So because Windows 7 users might never see them, I decided that balloons were not the way to go.

So we come back to the Expired Passwords window. Aside from the focus-stealing, the current Expired Passwords UI is not too bad. It's simple and it serves its purpose. So I made the decision that Password Vault 4 will use essentially the same UI with some slight modifications. An Expired Passwords window will still appear every two hours when you have passwords that need to be changed, but instead of coming to the foreground, it will flash in the taskbar. This way, it can still get your attention, but it will do so in a way that won't forcibly interrupt your work. There will also be some additional minor improvements made to this window and to the entire Password Expiration subsystem to make them more informative and intuitive to set up and use.

If you read this article expecting me to describe huge, sweeping changes that will be made to the Expired Passwords interface, then I'm sorry if you were underwhelmed. But good design involves knowing when to make changes as well as how to make changes. And I really believe that this solution will be best for the users. But Password Vault 4 will have many exciting new features, and I will cover a number of these in future posts.