> That's not the only difference. The other difference is that you also have to type the full repository name, including the organization name.
This is not true.
We had an internal tool at a previous job that required you to type the name of a service's cluster into a field before deleting it. Automated deployments sometimes got left behind - and users would go in periodically and clean them up.
If you watched folks, they would type the name of the cluster being deleted into that box UNTIL they had to do this many times in a row. As soon as it was a "batch" job, folks would go through the motion of:
1. click delete
2. double click service name
3. ctrl+c
4. click text input
5. ctrl+v
6. press "Confirm"
It was remarkable, after someone did this once, I don't think I ever observed them going back to typing in the cluster name. That algorithm of "copy and paste" carried over into every prompt they saw of that form moving forward.
I'm guilty of this too - I no longer type the prompted name for this form of confirmation dialogue, it's a copy-and-paste.
Lol, I do this whenever they ask me to re-enter my email/password for verification even though I know exactly the purpose this mechanism is trying to enforce.
Humans will always take the easiest route. We just have to accept that and come up with better solutions that aid humans or fit to our very weird nature.
This is exactly what you start doing on Github too, since many repo operations require you to do it. Seeing this warning modal where you have to copy-paste some string is what you expect when clicking delete/make private/make public. I don't know if it really helps.
I think you make a good point, the retyping is not perceived as a genuine sort of 2-factor step but is perceived like an annoyance. Maybe the consequences of the action should be shown in a screenshot with a 5 second wait. Personally the only reason it works for me as a 2-factor is because I think about what Github's intent is when they prompt me to retype the repo name and therefore I take a moment to reflect that I indeed want to do what I want to do. But isn't that backwards? I have to imagine what Github's intention was instead of simply seeing a ui and understanding it for what it is.
I mean obviously users are going to cut and paste that output. It's completely hostile design in terms of usability on their part. What did you expect to happen?
This is not true.
We had an internal tool at a previous job that required you to type the name of a service's cluster into a field before deleting it. Automated deployments sometimes got left behind - and users would go in periodically and clean them up.
If you watched folks, they would type the name of the cluster being deleted into that box UNTIL they had to do this many times in a row. As soon as it was a "batch" job, folks would go through the motion of:
1. click delete
2. double click service name
3. ctrl+c
4. click text input
5. ctrl+v
6. press "Confirm"
It was remarkable, after someone did this once, I don't think I ever observed them going back to typing in the cluster name. That algorithm of "copy and paste" carried over into every prompt they saw of that form moving forward.
I'm guilty of this too - I no longer type the prompted name for this form of confirmation dialogue, it's a copy-and-paste.