Just so you know, clicking on Signout gives me this:
Message: MySQL Query fail: SELECT * FROM follow WHERE user_id =
MySQL Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1
Date: Wednesday, October 6, 2010 at 8:53:41 AM
Script: /index.php
Referer: http://hackerfollow.com/
More context would be great (browser, page you were on, page you were redirected to). I think I uncovered the problem so you'll need to clear your cookies. Let me know, thanks!
Database Error
Message: MySQL Query fail: SELECT * FROM follow WHERE user_id =
MySQL Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1
Date: Wednesday, October 6, 2010 at 4:02:06 PM
Script: /
Referer: http://hackerfollow.com/
Clicked from the news item here, entered a pass phrase (it's a secret, I'm not telling you!) and clicked the sign in button.
We're not creating another identity for you. There aren't any profiles, it's simply a utility. I agree the messaging could be cleaner and I'll rework some of it when I have time later today, but we dont really need your email or a password for anything so there's little reason to require it other than being the norm.
I appreciate you trying to make it easier for users to remember their login/identity/site key/access code/whatever, but this may actually be making it harder.
Since we have all had years to figure out how to manage logins across many different sites that do not coordinate, we've all solved this problem in one way or another, but the solutions are based on finding efficient ways to manage userid's and passwords.
Mine for example is that I use a set of three userid/pwd pairs. Pair 1 is simple userid/simple pwd, for throwaway accounts I don't care about. Pair 2 is moderately complex userid/pwd for sites I use frequently but could afford to lose/be hacked/whatever. And Pair 3 is highly complex userid/pwd for online banking and other secure things that need the highest penetration barrier.
Since I can easily keep three in memory and apply each one based on how I categorize the website in question, I never forget my logins to any websites, no matter how frequent or infrequent I use them. Nor do I ever have to write down or otherwise record my login info, anywhere, since it's easy to remember just three. Further, if one my lower level userid/pwd pairs is cracked, it doesn't compromise the critical one.
For your site I would have simply use Pair 1 or 2, problem solved. However, your pass phrase method presents a problem - I can use one of my passwords in plain text, which I'm obviously not going to do, or I can think up some pass phrase that is unique to your site, not part of my system, and hence easily forgettable.
I have no idea what other systems people use to manage their logins across the tons of websites in use these days, but I'd suggest relying on your users (especially since they're 100% savy HN users) to have already solved this login problem. Leverage their solutions by using the norm. Or use OpenID, which is another solution to this problem.
For me (since there is no content generation) I just used my username. I agree with the creator that this method is worth trying since there really is no reason to need the security of a password. This solution eases the effort spent coding and the effort spent signing up at virtually no cost. Sure it's not perfect but for a site like this I think it was certainly worth trying.
It's an interesting idea, but more typically the service generates a unique key and puts that in the URL. You can then bookmark that URL to "log in." Just pointing this out as most will find it easier to save a bookmark and "come up with a login phrase" could be a real "whoa.. what?" stumbling block for some potential users.
The "come up with a secret phrase" thing is a nice idea, but I must've sat for 10 seconds trying to work out what was actually being asked for, and then I had no idea what phrase I could use that I wouldn't forget, but that nobody else would have chosen.
I did that with another user, and it turns out he used his username as his secret phrase! (name withheld to protect the guilty). At least now I know who he's interested in!
It's not that slim in my opinion. Even though this is HN we're talking about, many people are lazy enough to only come up with something really simple. Or a pop culture reference.
The logistics of it are different. With username + password, 2 people can have the same password. So you only need to warn someone if the username has already been taken. But in order to warn someone that a secret phrase has already been taken, you've just given them all the info they need to login as that other person.
That being said, if you were to enforce that the first half (or some undisclosed portion) of the secret phrase couldn't be taken, then you'd be closer to comparing apples to apples.
Basic statistics says yes the chances are much much smaller if you have both username + password.
The larger the password and the more obscure the password means that chances grow smaller of someone else choosing it but that doesn't mean everyone uses large and obscure passwords.
At least show what story the comments are on. I came up with a nice way to show the context around a comment without needing the entire tree:
http://hystry.com/newsyc/follow/about (Slide 4)
Make it easy to add users from the stream page.
I'm usually in an 'open' mindset when I think of hacker news. HackerFollow enforces a 'closed' mindset; I only see stuff from those I follow. Can you leaven the stream with suggestions like somebody else asked on this thread?
Not bad. You should add the title of the thread along with the user's comment to give context. Also please position the user's name to the left. Most HN users are in the U.S. where people read left to right. That way I can glance at the stream and recognize who said what faster.
I think the "Secret Phrase" thing is just a poor definition. You could think of it more as a username without a password. You couldn't begrudge someone taking the same username as you on another site could you?
I was only able to see recent posts/comments. I'm not sure if the API supports it (haven't looked) but would be nice to see older posts/comments as well, and agree with others about an RSS feed being a good idea.
In addition, an aggregate RSS feed of higher ranked HN'ers would be neat.
And clicking on the following without specifying a user to follow first ("logging in") doesn't work: http://hackerfollow.com/?filter=devmonk
but as soon as a specify a user ("log in") it works. It should just work if it is essentially public, imo.
Good idea. Maybe a drop-down suggestion box (sometimes I don't know the exact name "jacquesm...?"). And currently it allows me to "follow" any gibberish I type in e.g. "kljarlkfejl".
the "follow" page lists most followed users. How about adding a section to show who, outside of the top 10-15, has gained the most new followers over the last week or so? (Obviously this is more meaningful once the service has been running for longer than a week.)
This would give us a way to be introduced to up-and-coming users.
EDIT: also, the "most followed" page currently has a user (osuburger) who has 1 karma, 0 posts, and 0 submissions. Already being gamed?
Feature suggestion: "Follow me" URLs that users could put in their HN profiles. This would greatly ease in-context following:
Read insightful comment › Click username to profile › Click HackerFollow link
Alternatively, the best solution (though much more time-consuming to implement) for in-context following would be a browser extension that adds an HF link next to everyone's name.
We'd love to do that but the data isn't readily available by scraping. We could continuously fetch the parent_id post until we reach the root story, but that would result in a lot of extra curl requests.. V2 : )
Instead of crawling by #id, crawl by new posts from the /newest page. For each post, split it into multiple pages, setting the parent id/title that way. Not that you have to, but a future suggestion.
Message: MySQL Query fail: SELECT * FROM follow WHERE user_id = MySQL Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1 Date: Wednesday, October 6, 2010 at 8:53:41 AM Script: /index.php Referer: http://hackerfollow.com/
Great idea, though!