This is one of the main reasons why I have mostly given up on paid software or SaaS products. You would think that by paying someone for their product, that would give you the tool without constantly getting asked for more, like some shareware program from the 90s. But no, if you give them money, they will constantly nag you, track you, nag you again, and so on. Debian on my private laptop using mostly free software (I think Obsidian is the only odd one out currently) has completely killed that annoyance. My Macbook and iPad Pro for work still keep nagging me all the time about some stupid stuff I don't want to think about.
About 10 years ago I tried installed Little Snitch on my laptop. I set it up to check with me every time any native app tried to connect to the internet. "Here we go" I thought. "I'm going to actually see what apps are doing!".
I think I naively thought I'd end up with 10 rules or something, blocking telemetry. Oh what a sweet naive child I was. Its constant. Everything on my computer seemed to use about 8 different telemetry and update services. The sheer number of packets of environmental waste being produced every second by modern computers is breathtaking. It never stops.
Reading this article, I wonder what would happen if you tried selling software the old way again. "Buy our software! Pay once. We'll mail you out a USB stick with the program on it. Our software does not access the internet." It would be terribly inefficient, but it'd probably be fun to try. It would definitely force a lot more rigour around releases & testing.
It’s got to the point where I turn off my WiFi now to do performance-sensitive work, because of the boost that killing all this background rubbish gives. Anything I need online I can just offload to my phone while my computer is offline.
If the computer doesn't have any online network connection, shouldn't it outright error? I understand that the timeout sucks when your network is not connected to the internet but still alive, then that's an issue, but if there is no connection at all, why would the timeouts matter?
The problem with this is some apps do incredibly stupid things. Now I'm not saying the operating system itself, but I had some ide screw off and go into long pause mode when my laptop was in airplane mode.
> I wonder what would happen if you tried selling software the old way again. "Buy our software! Pay once. We'll mail you out a USB stick with the program on it. Our software does not access the internet."
FWIW all of my Mac and iOS apps are upfront paid, with no telemetry or server-side component.
Of course I don't distribute them via snail mail though.
I'm doing pretty well. I'm certainly not rich, and probably not making as much money as corporate software engineers in the US, but I'm doing better financially than the majority of people. It's not impossible to follow the old business model.
If General Motors had developed technology like Microsoft, we would all be driving cars with the following characteristics:
For no reason whatsoever, your car would crash twice a day.
Every time they repainted the lines in the road, you would have to buy a new car.
Occasionally your car would die on the freeway for no reason. You would have to pull over to the side of the road, close all of the windows, shut off the car, restart it, and reopen the windows before you could continue. For some reason, you would simply accept this.
Occasionally, executing a maneuver such as a left turn would cause your car to shut down and refuse to restart, in which case you would have to reinstall the engine.
Macintosh would make a car that was powered by the sun, was reliable, five times as fast and twice as easy to drive – but would run on only five percent of the roads.
The oil, water temperature, and alternator warning lights would all be replaced by a single “General Protection Fault” warning light.
The airbag system would ask “Are you sure?” before deploying.
Occasionally, for no reason whatsoever, your car would lock you out and refuse to let you in until you simultaneously lifted the door handle, turned the key and grabbed hold of the radio antenna.
Every time GM introduced a new car, car buyers would have to learn to drive all over again because none of the controls would operate in the same manner as the old car.
You’d have to press the “Start” button to turn the engine off.
What is funny is how many of them are actually true now. Having your display panels crash while driving is good fun. Also I click the start/stop button to operate my vehicle. And teslas like locking people in on occasion.
One of the more annoying software that does this is the copilot Office 365 on the web. Every time (!) I open it, it shows a popup on how to add files to the context. That itself would be annoying, but it also steals focus! So you would be typing something and suddenly you’re not typing anymore for M$ decided it’s time for a popup.
I finally learned to just wait for the pop up and then dismiss it with esc. Ugh!
In the old days, you'd take a survey on a McDonald's receipt and get a coupon for a free fry or something. These days, every product will sign you up for a newsletter without consent, ask for a review, or beg you to spend your time on a survey after the smallest interaction. Everything from the Art Institute of Chicago to Cava (a fast casual restaurant). And it's not just once, they'll send you reminders too. In-app, the prompts stack up on each other. I dread opening Jellyfish because I know I'll have to click through more than one pop up every time I want to check something quick. No, I still don't want to go to your conference, I'm trying to get work done.
Why can't they at least offer something of small value, like 10% off your next food order, or some API credits, so it's a fairer exchange? I guess because everyone's doing it, no individual product gets penalized for annoying their users.
There are exceptions of course, like Kagi. But they're far and few between.
Kagi has the world's most pleasant engagement retention email life-hack, which is that if you don't use it for a whole month, they'll email you telling you that they refunded that month's price. I don't have a specific dollar cutoff where this is acceptable, but applying the categorical imperative, if every customer retention spam or nag I received came with $14 I could retire.
When they send these 30-question surveys, surely they must be aware that the people who respond are not a random sample of the customer population but a sample of the subpopulation that is willing to take a 30-question survey for them?
Simple. Your mistake is assuming that these surveys used to gather actual information.
The 30 questions satisfy all of the bikeshedding smoothbrains in the survey-design-committee. The survey itself isn't used to make informed decisions to improve the product, but entirely to justify the manager's impact and thus everybody's bonuses.
Oh, sometimes they are used to change things, and when implemented it seems like everyone is mad and they act shocked because all they see from surveys is people wanted a change.
Often, they'll ask for the review before I even had the time to really use the product. Like, I've just laid my hands on this thing, how am I supposed to know anything yet?!
Yeah I probably will, when this one breaks. I had Android always before and I'm pretty unimpressed with Apple. HN'ers love to imagine that only Apple has their interests in mind unlike other BigCos, but no Android phone I had ever nudged me out of the blue, in the middle of other work, to "turn on Google Drive" with just "Ok" and "Ask me later" as the options.
> The drill doesn’t ask how you’re enjoying your experience drilling. It doesn’t upsell you on premium hole-making
Damn you wonder how we as a Software Industry lost the plot - hell - I have a product in e-commerce analytics one of the features I never put in was 'Retention / Cohorts' etc - coz in the real world retailers don't speak in those terms
It might not have a great impact, but I've started to fight back. Interrupt me in the middle of an important task? You get a 1-star rating. Ask me for some random information you shouldn't need? Get bogus answers. And so on.
> Ask me for some random information you shouldn't need? Get bogus answers.
I've never understood software that's free but you have to fill out a form of personal information to download it. Even if I was willing to share, what possible use is my full mailing address to some random software company? It's data collection for the sake of data collection.
This was the reason I switched from Windows to using Linux full time back around 2006. Windows used to be somewhat peaceful bu around then it increasingly started interrupting me instead of me generating interrupts for it. I gather Windows hasn't gotten better since then.
At least with Android it is mostly the apps that generate interruptions, so I can choose apps that do not, and control notification permissions for those I need.
Windows is unusable. I kept a long time because of "family member will wanna use Excel" but that is not a thing anymore. Alternatives are good. Very little Windows specific software I need anymore. Really just Backblaze better pricing is all I care for.
A nice use of AI would be to learn what kind of interruptions I hate and suppress those as much as possible. The trick would be installing it to the level of authority to ignore stuff from the companies making the phones and OS too without having complicated jailbreak/hacking procedures.
The reality is that we just have shit consumer protections for our time and attention, because it's revenue for the companies, which lawmakers don't want to infringe upon. They can't even go after the relatively small markets of phone call/mail spam.
iOS has it to some extent, you can enable "Intelligent breakthrough and silencing" in Focus settings, and it should (supposedly) learn which notifications are important for you and which can be skipped.
Phone spam would be so so easy. If you get a contact you don't like, SMS some magic short code and legally receive $1 from the sender. If the sender is foreign and cannot be held accountable, the entry point domestic carrier is liable for the $1.
All it takes is a mild amount of accountability for the shitheads delivering these. It would be gone overnight.
Enshittification didn't start recently. It was always there. You just didn't notice it because of your age. Your youth and childhood days always have good memories, doesn't matter how shitty those days were.
Selling is just as old as money. Every business that tried sell you soaps and cosmetics had to scare you about bacteria, making you forget that bacteria was always there with you for millennia. What you call enshittfication is the change accumulation that you witnessed over decades. Ask children who hasn't seen all that change. They see everything is just fine.
Yes, nasty salesmen are as old as time and possibly predate humans, but that is not what enshittification means.
From Wikipedia[0]:
> Enshittification, also known as crapification and platform decay, is a process in which two-sided online products and services decline in quality over time. Initially, vendors create high-quality offerings to attract users, then they degrade those offerings to better serve business customers, and finally degrade their services to users and business customers to maximize short-term profits for shareholders.
Basically a middleman fucking over both sides of the deal, typically in the context of online services.
The term was popularised in 2022 [1].
Remove "online services" (anchoring the term firmly in the present) and I still can't think of wide ranging examples in the past. I will admit that this might be because I haven't been around for very long.
We can all play victims here of course but we also have our own responsibility when creating software. I've been on many projects where people got sucked into "this just is the way this ought to be done" kind of thinking without questioning any of it.
I suspect many cookie consent dialogs come into existence this way. All the mindless onboarding nonsense, notifications, etc. come from a rather dogmatic application of growth hacking type advice. You get startups hiring people that specialize in that out of a belief that they have to do that that then start doing stuff. And once you have those people they start justifying their presence by imposing a lot of that stuff.
If you ask a lawyer for advice on legalese, they'll give you plenty of terms and conditions, consent forms, etc. Mandatory scroll to the end thingies are a good example of an anti pattern here. The thing is that laws don't specify much in terms of UI/UX. Some lawyer once upon a time decided that "we have to twist user's nipples and make sure they read my 20 pages of legalese before they are allowed in the app". This is completely stupid if you think about it for more than 4 seconds. But it's being copied over and over again by world + dog. Convoluted cookie consent screens are another good example. Corporate lawyers invented those because they are being paid to justify their existence. They come up with implausible scenarios and then protect their clients from those. A lawyer will never tell you to skip an optional/redundant step but they'll come up with reasons to add more of those. Removing complexity is not their job.
If nobody applies any critical thinking and fact checks these things you end up with a lot of ass coverage, legalese, "better safe than sorry" type features and shit that is not needed that adds up to a lot of user hostile behavior, onboarding friction, and application complexity.
Authentication is a thing that many product owners just blindly imitate from others. Including all the negative patterns around it. I've had this discussion with more than a few product owners. "We have to 'own' the user relation ship and therefore we must have a email/password thing and can't do openid, sso, email links, etc.". This is nonsense but if nobody challenges that, you go down the path of repeating decades of mistakes on this front. But it's OK because everybody else does it too.
People don't even question this any more. As soon as you go down this path it leads to a lot of fairly standard and boring stuff that you just have to do, apparently. Over and over again. If you have a password, you got to have a reset my password. Is "secret" an acceptable password? No, so we got to have a password complexity thingy. Do we add 2FA? Notification preference screens, Push notifications, and all the rest.
Modern logins should be simple. "send me a login link" "login with X, Y, or Z", passkeys, etc. Make sure the process is password manager friendly if you have passwords (why?!). Bias towards enabling your users to getting started with your thing ASAP. Get them in and then consent; not the other way around.
Get a good product person that understands these things rather than one that does things because he heard about a person that knows a person that is totally legit that told them that you gotta do X because reasons that are too complicated for you to worry your petty head about. Most bad decision making boils down to BS, urban myths, and bad advice like that. Ask the "why" questions. Make sure you understand and fact check the answers. Do what you actually have to do. But nothing more.
As someone who does use a password manager, there's nothing more annoying than a service that doesn't accept email/password logins. I don't want to cede my auth to a 3rd party, clutter up my inbox with magic links, or have to keep careful track of passkeys that are tied to a device and can be easily lost!
>And yet, this is how a lot of modern software behaves.
Not in my experience. Typically all of the "news" happens either during startup, or as part of some other flow. It doesn't happen in the middle of using software. Google Docs is not throwing up a blocking dialog in the middle of you typing a sentence.
>The analytics didn’t prove the feature was unwanted. The analytics proved that we buried it.
If I actually wanted a feature I would go through 10 menus to flip the switch. If the analytics says no one is uses it that is proof that no one wants it. It is possible that the user is unaware of it though.
>the product stops being a finished artifact
When you are doing constant software updates it is not a finished artifact anyways.
> Google Docs is not throwing up a blocking dialog in the middle of you typing a sentence.
I rarely use the G Suite, but when I do I get bombarded with a queue of popups and alerts about this feature, this Gemini integration and whatever else gets someone promoted.
> If I actually wanted a feature I would go through 10 menus to flip the switch.
That is if you know of this feature or are predisposed to rummage around software to look for a solution. Neither is common amongst common people.
> When you are doing constant software updates it is not a finished artefact anyways.
That I mostly agree with. Then you have teams who are assigned a sliver of the software and continually fuck with it to justify their existence.
This is one of the main reasons why I have mostly given up on paid software or SaaS products. You would think that by paying someone for their product, that would give you the tool without constantly getting asked for more, like some shareware program from the 90s. But no, if you give them money, they will constantly nag you, track you, nag you again, and so on. Debian on my private laptop using mostly free software (I think Obsidian is the only odd one out currently) has completely killed that annoyance. My Macbook and iPad Pro for work still keep nagging me all the time about some stupid stuff I don't want to think about.
Late stage capitalism, the numbers must always go up.
That's why everything is turning into rent seeking models and enshittification.
About 10 years ago I tried installed Little Snitch on my laptop. I set it up to check with me every time any native app tried to connect to the internet. "Here we go" I thought. "I'm going to actually see what apps are doing!".
I think I naively thought I'd end up with 10 rules or something, blocking telemetry. Oh what a sweet naive child I was. Its constant. Everything on my computer seemed to use about 8 different telemetry and update services. The sheer number of packets of environmental waste being produced every second by modern computers is breathtaking. It never stops.
Reading this article, I wonder what would happen if you tried selling software the old way again. "Buy our software! Pay once. We'll mail you out a USB stick with the program on it. Our software does not access the internet." It would be terribly inefficient, but it'd probably be fun to try. It would definitely force a lot more rigour around releases & testing.
It’s got to the point where I turn off my WiFi now to do performance-sensitive work, because of the boost that killing all this background rubbish gives. Anything I need online I can just offload to my phone while my computer is offline.
The problem with doing that, is that the standard TCP timeout is 60 seconds.
All of a sudden, you are beset with 60-second hangs.
If the computer doesn't have any online network connection, shouldn't it outright error? I understand that the timeout sucks when your network is not connected to the internet but still alive, then that's an issue, but if there is no connection at all, why would the timeouts matter?
You just gave me flashbacks of mistyping a folder share name on windows and having the whole PC lock up for a minute or two.
> All of a sudden, you are beset with 60-second hangs.
No, that's not how it works. Frankly, I'm astonished to see this claim here.
The problem with this is some apps do incredibly stupid things. Now I'm not saying the operating system itself, but I had some ide screw off and go into long pause mode when my laptop was in airplane mode.
Depends.
I have a couple of apps on my computer that do exactly that.
I am looking forward to learning how it does work...
> I am looking forward to learning how it does work...
It's basic sockets. If you call connect() when the internet is disabled, the errno is ENETUNREACH.
The higher-level API are built on sockets. If any apps are misbehaving, they're simply badly coded.
> I wonder what would happen if you tried selling software the old way again. "Buy our software! Pay once. We'll mail you out a USB stick with the program on it. Our software does not access the internet."
FWIW all of my Mac and iOS apps are upfront paid, with no telemetry or server-side component.
Of course I don't distribute them via snail mail though.
I'm doing pretty well. I'm certainly not rich, and probably not making as much money as corporate software engineers in the US, but I'm doing better financially than the majority of people. It's not impossible to follow the old business model.
Have you tried using Linux?
Old joke:
If General Motors had developed technology like Microsoft, we would all be driving cars with the following characteristics:
For no reason whatsoever, your car would crash twice a day.
Every time they repainted the lines in the road, you would have to buy a new car.
Occasionally your car would die on the freeway for no reason. You would have to pull over to the side of the road, close all of the windows, shut off the car, restart it, and reopen the windows before you could continue. For some reason, you would simply accept this.
Occasionally, executing a maneuver such as a left turn would cause your car to shut down and refuse to restart, in which case you would have to reinstall the engine.
Macintosh would make a car that was powered by the sun, was reliable, five times as fast and twice as easy to drive – but would run on only five percent of the roads.
The oil, water temperature, and alternator warning lights would all be replaced by a single “General Protection Fault” warning light.
The airbag system would ask “Are you sure?” before deploying.
Occasionally, for no reason whatsoever, your car would lock you out and refuse to let you in until you simultaneously lifted the door handle, turned the key and grabbed hold of the radio antenna.
Every time GM introduced a new car, car buyers would have to learn to drive all over again because none of the controls would operate in the same manner as the old car.
You’d have to press the “Start” button to turn the engine off.
Ya, I remember reading these decades ago.
What is funny is how many of them are actually true now. Having your display panels crash while driving is good fun. Also I click the start/stop button to operate my vehicle. And teslas like locking people in on occasion.
One of the more annoying software that does this is the copilot Office 365 on the web. Every time (!) I open it, it shows a popup on how to add files to the context. That itself would be annoying, but it also steals focus! So you would be typing something and suddenly you’re not typing anymore for M$ decided it’s time for a popup. I finally learned to just wait for the pop up and then dismiss it with esc. Ugh!
MS has never learned to not interrupt the user. This has been a dark pattern for them since their very first window manager.
In the old days, you'd take a survey on a McDonald's receipt and get a coupon for a free fry or something. These days, every product will sign you up for a newsletter without consent, ask for a review, or beg you to spend your time on a survey after the smallest interaction. Everything from the Art Institute of Chicago to Cava (a fast casual restaurant). And it's not just once, they'll send you reminders too. In-app, the prompts stack up on each other. I dread opening Jellyfish because I know I'll have to click through more than one pop up every time I want to check something quick. No, I still don't want to go to your conference, I'm trying to get work done.
Why can't they at least offer something of small value, like 10% off your next food order, or some API credits, so it's a fairer exchange? I guess because everyone's doing it, no individual product gets penalized for annoying their users.
There are exceptions of course, like Kagi. But they're far and few between.
Kagi has the world's most pleasant engagement retention email life-hack, which is that if you don't use it for a whole month, they'll email you telling you that they refunded that month's price. I don't have a specific dollar cutoff where this is acceptable, but applying the categorical imperative, if every customer retention spam or nag I received came with $14 I could retire.
When they send these 30-question surveys, surely they must be aware that the people who respond are not a random sample of the customer population but a sample of the subpopulation that is willing to take a 30-question survey for them?
Simple. Your mistake is assuming that these surveys used to gather actual information.
The 30 questions satisfy all of the bikeshedding smoothbrains in the survey-design-committee. The survey itself isn't used to make informed decisions to improve the product, but entirely to justify the manager's impact and thus everybody's bonuses.
Oh, sometimes they are used to change things, and when implemented it seems like everyone is mad and they act shocked because all they see from surveys is people wanted a change.
Often, they'll ask for the review before I even had the time to really use the product. Like, I've just laid my hands on this thing, how am I supposed to know anything yet?!
I have trash mail box that I don’t really open besides clicking confirmation links.
I also use Firefox relay just to vary stuff a bit to throw wrench into tracking.
As the joke goes,
Do you think [big tech company] understands consent?
> Yes
> Ask me later
Related to this, does anyone here know how to stop my iPhone asking me to turn on iCloud?
Buy a different phone?
Yeah I probably will, when this one breaks. I had Android always before and I'm pretty unimpressed with Apple. HN'ers love to imagine that only Apple has their interests in mind unlike other BigCos, but no Android phone I had ever nudged me out of the blue, in the middle of other work, to "turn on Google Drive" with just "Ok" and "Ask me later" as the options.
Eh, I get AI enablement pop-ups all the time on android
I have an android phone and it hates me almost as much as apple, but it has better hardware for a lower price, and I can technically use f–droid
> Yes
> I am sinful and will go to hell
> The drill doesn’t ask how you’re enjoying your experience drilling. It doesn’t upsell you on premium hole-making
Damn you wonder how we as a Software Industry lost the plot - hell - I have a product in e-commerce analytics one of the features I never put in was 'Retention / Cohorts' etc - coz in the real world retailers don't speak in those terms
It might not have a great impact, but I've started to fight back. Interrupt me in the middle of an important task? You get a 1-star rating. Ask me for some random information you shouldn't need? Get bogus answers. And so on.
> Ask me for some random information you shouldn't need? Get bogus answers.
I've never understood software that's free but you have to fill out a form of personal information to download it. Even if I was willing to share, what possible use is my full mailing address to some random software company? It's data collection for the sake of data collection.
It's used to generate cold call lists
Oh, that's valuable, they definitely can sell that on. Especially if they have a big list.
This was the reason I switched from Windows to using Linux full time back around 2006. Windows used to be somewhat peaceful bu around then it increasingly started interrupting me instead of me generating interrupts for it. I gather Windows hasn't gotten better since then.
At least with Android it is mostly the apps that generate interruptions, so I can choose apps that do not, and control notification permissions for those I need.
Windows is unusable. I kept a long time because of "family member will wanna use Excel" but that is not a thing anymore. Alternatives are good. Very little Windows specific software I need anymore. Really just Backblaze better pricing is all I care for.
Even actual from-Microsoft Excel now runs in the browser, not even any need to find an alternative.
And Wine has gotten really good, too.
A nice use of AI would be to learn what kind of interruptions I hate and suppress those as much as possible. The trick would be installing it to the level of authority to ignore stuff from the companies making the phones and OS too without having complicated jailbreak/hacking procedures.
The reality is that we just have shit consumer protections for our time and attention, because it's revenue for the companies, which lawmakers don't want to infringe upon. They can't even go after the relatively small markets of phone call/mail spam.
iOS has it to some extent, you can enable "Intelligent breakthrough and silencing" in Focus settings, and it should (supposedly) learn which notifications are important for you and which can be skipped.
In practice it doesn't do it very well.
Phone spam would be so so easy. If you get a contact you don't like, SMS some magic short code and legally receive $1 from the sender. If the sender is foreign and cannot be held accountable, the entry point domestic carrier is liable for the $1.
All it takes is a mild amount of accountability for the shitheads delivering these. It would be gone overnight.
Enshittification didn't start recently. It was always there. You just didn't notice it because of your age. Your youth and childhood days always have good memories, doesn't matter how shitty those days were.
Selling is just as old as money. Every business that tried sell you soaps and cosmetics had to scare you about bacteria, making you forget that bacteria was always there with you for millennia. What you call enshittfication is the change accumulation that you witnessed over decades. Ask children who hasn't seen all that change. They see everything is just fine.
No company in the days of yore could pop up stuff on a screen that was always in my pocket.
Yes, nasty salesmen are as old as time and possibly predate humans, but that is not what enshittification means.
From Wikipedia[0]:
> Enshittification, also known as crapification and platform decay, is a process in which two-sided online products and services decline in quality over time. Initially, vendors create high-quality offerings to attract users, then they degrade those offerings to better serve business customers, and finally degrade their services to users and business customers to maximize short-term profits for shareholders.
Basically a middleman fucking over both sides of the deal, typically in the context of online services. The term was popularised in 2022 [1].
Remove "online services" (anchoring the term firmly in the present) and I still can't think of wide ranging examples in the past. I will admit that this might be because I haven't been around for very long.
0 - https://en.wikipedia.org/wiki/Enshittification
1 - https://pluralistic.net/2022/11/28/enshittification/
This is a trite thought terminating cliche that provides no value to any discussion.
We can all play victims here of course but we also have our own responsibility when creating software. I've been on many projects where people got sucked into "this just is the way this ought to be done" kind of thinking without questioning any of it.
I suspect many cookie consent dialogs come into existence this way. All the mindless onboarding nonsense, notifications, etc. come from a rather dogmatic application of growth hacking type advice. You get startups hiring people that specialize in that out of a belief that they have to do that that then start doing stuff. And once you have those people they start justifying their presence by imposing a lot of that stuff.
If you ask a lawyer for advice on legalese, they'll give you plenty of terms and conditions, consent forms, etc. Mandatory scroll to the end thingies are a good example of an anti pattern here. The thing is that laws don't specify much in terms of UI/UX. Some lawyer once upon a time decided that "we have to twist user's nipples and make sure they read my 20 pages of legalese before they are allowed in the app". This is completely stupid if you think about it for more than 4 seconds. But it's being copied over and over again by world + dog. Convoluted cookie consent screens are another good example. Corporate lawyers invented those because they are being paid to justify their existence. They come up with implausible scenarios and then protect their clients from those. A lawyer will never tell you to skip an optional/redundant step but they'll come up with reasons to add more of those. Removing complexity is not their job.
If nobody applies any critical thinking and fact checks these things you end up with a lot of ass coverage, legalese, "better safe than sorry" type features and shit that is not needed that adds up to a lot of user hostile behavior, onboarding friction, and application complexity.
Authentication is a thing that many product owners just blindly imitate from others. Including all the negative patterns around it. I've had this discussion with more than a few product owners. "We have to 'own' the user relation ship and therefore we must have a email/password thing and can't do openid, sso, email links, etc.". This is nonsense but if nobody challenges that, you go down the path of repeating decades of mistakes on this front. But it's OK because everybody else does it too.
People don't even question this any more. As soon as you go down this path it leads to a lot of fairly standard and boring stuff that you just have to do, apparently. Over and over again. If you have a password, you got to have a reset my password. Is "secret" an acceptable password? No, so we got to have a password complexity thingy. Do we add 2FA? Notification preference screens, Push notifications, and all the rest.
Modern logins should be simple. "send me a login link" "login with X, Y, or Z", passkeys, etc. Make sure the process is password manager friendly if you have passwords (why?!). Bias towards enabling your users to getting started with your thing ASAP. Get them in and then consent; not the other way around.
Get a good product person that understands these things rather than one that does things because he heard about a person that knows a person that is totally legit that told them that you gotta do X because reasons that are too complicated for you to worry your petty head about. Most bad decision making boils down to BS, urban myths, and bad advice like that. Ask the "why" questions. Make sure you understand and fact check the answers. Do what you actually have to do. But nothing more.
As someone who does use a password manager, there's nothing more annoying than a service that doesn't accept email/password logins. I don't want to cede my auth to a 3rd party, clutter up my inbox with magic links, or have to keep careful track of passkeys that are tied to a device and can be easily lost!
>And yet, this is how a lot of modern software behaves.
Not in my experience. Typically all of the "news" happens either during startup, or as part of some other flow. It doesn't happen in the middle of using software. Google Docs is not throwing up a blocking dialog in the middle of you typing a sentence.
>The analytics didn’t prove the feature was unwanted. The analytics proved that we buried it.
If I actually wanted a feature I would go through 10 menus to flip the switch. If the analytics says no one is uses it that is proof that no one wants it. It is possible that the user is unaware of it though.
>the product stops being a finished artifact
When you are doing constant software updates it is not a finished artifact anyways.
> Google Docs is not throwing up a blocking dialog in the middle of you typing a sentence.
I rarely use the G Suite, but when I do I get bombarded with a queue of popups and alerts about this feature, this Gemini integration and whatever else gets someone promoted.
> If I actually wanted a feature I would go through 10 menus to flip the switch.
That is if you know of this feature or are predisposed to rummage around software to look for a solution. Neither is common amongst common people.
> When you are doing constant software updates it is not a finished artefact anyways.
That I mostly agree with. Then you have teams who are assigned a sliver of the software and continually fuck with it to justify their existence.