Steve Syfuhs11h ago

RE: https://mastodon.social/@JenMsft/116306515557926926

For those wondering why this has always been a point of contention for us internally is because under specific circumstances it can lead to a privacy leak.

Apps in low-ish IL or have capability enforcement need to assert that they need to know user information like username or email address. We want to do our best to protect that info. On consumer devices this is especially critical to protect so if your profile path is firstlast87 there's a good chance that's your email and all you need is to guess the dozen or so common domains and now your email is leaked.

That's why we obscure the profile folder path in cases that don't require 20 years of back compat (enterprise join scenarios).

It was never a perfect solution because balancing user privacy and practical usability for a billion odd users is...complicated...but it did act as a useful speedbump.

Show threadMatt

@SteveSyfuhs nice improvement!

Sone confusing aspects of the screen:
1. It asks the user if they want to override defaults without showing those defaults to the user
2. The “show user folder name” option does not do what it says (“show” the user folder name)
3. Missing explanation that might help the user decide whether or not to choose a user folder name

Pre-filling both fields w/their defaults & allowing “Next” might go a long way to make the screen less confusing.

5:42pmWeb