infrax design mistakes
This commit is contained in:
parent
718b91bb3f
commit
fc154fdfdc
|
|
@ -0,0 +1,36 @@
|
|||
---
|
||||
title: Governmental Infrastructue Website Design Mistakes
|
||||
date: 2022-11-07T10:25:00+02:00
|
||||
categories:
|
||||
- webdesign
|
||||
tags:
|
||||
- design
|
||||
---
|
||||
|
||||
Our energy provider came up with a mind-boggling suggestion for monthly advances---values I immediately wanted to reduce. I'll take that risk to have to cough up a large sum at the end of this year, thank you very much. After logging in and trying to input new meter values, I bumped into a problem: I can't _reduce_ the number, even though our solar panels generate more than we consume. That _should_ be possible, but for some reason, our energy provider wasn't aware of us having those panels. Panels we have installed since... 2017.
|
||||
|
||||
What went wrong? I don't know, an administrative sinkhole appeared? The energy provider suggests to declare any generators through the website of the governmental infrastructure, which in Belgium is https://mijn.infrax.be/.
|
||||
|
||||
Except that it isn't. Infrax came to be in 2006 by merging Interelectra, Iveg, and Wvem. More recently, In 2018, it was taken over by Eandis, which changed the name Infrax to Fluvius. Are you still with me? The average citizen---myself included---doesn't care for big takeovers and politics, they just want to register their stuff, as any true responsible person would.
|
||||
|
||||
But the website you're pointed to still comes with the domain name `infrax.be`. Worse, try going to https://infrax.be: you'll be redirected to https://fluvius.be. That's good, right? Except that they forgot to redirect the subdomain `mijn.infrax.be` you use to access your account and register solar panels. To add to the confusion, the logo _did_ change. For people who don't know Infrax equals Fluvius, this site now looks like a phishing attempt. Look at the `?ReturnUrl=` parameter:
|
||||
|
||||
|
||||
|
||||
What's up with that, needlessly including the SSL port when it's pointing to `HTTPS` anyway? Things get much worse when trying to log in. Of course I forgot my password, so after the necessary email link traffic, I can login and have to press another button that redirects me to another website: https://mijn.fluvius.be/groenestroom.
|
||||
|
||||
Which redirects me to another website to login. Again. Because the cookie at domain `infrax.be` doesn't transfer to `fluvius.be`. I try to enter my credentials I used a second ago at their old site, and it doesn't seem to recognize my account. I press "forgot password", and the site claims my email address is unregistered... What? Okay, so I'll have to create yet another account. But wait. It gets worse.
|
||||
|
||||
The beautiful address I now find myself in is `https://klanten.b2clogin.com/klanten.onmicrosoft.com/b2c_1a_customer_signup_signin/oauth2/v2.0/authorize?client_id=91bb9a0a-f45d-491a-ae0b-43324fbc343a&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fmijn.fluvius.be%2Fredirect&client-request-id=0cc2b4d9-ef8f-4478-989f-1af2f4ccfae6&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.23.0&client_info=1&code_challenge=oLNa2bV0-9ROEl0F7XG8anOjO4kofUWajxaSFlZwEow&code_challenge_method=S256&nonce=a08fea39-fade-49fd-bef6-2ce17df0c5fd&state=eyJpZCI6IjM4Mjk1YzM2LWQ5ZDctNDk2NS05Zjk4LWZmOTBmNWI2MDIwZiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D`:
|
||||
|
||||
|
||||
|
||||
As you all undoubtedly know, `onmicrosoft` has something to do with Microsoft's Office 365 platform, and `b2clogin` is the domain Microsoft uses for their Azure logins. I don't care what tech they use to develop this site, but I do care about transparency and security, and this clearly isn't it. If you choose to login using your electronic identity card, you're again redirected to `idp.iamfas.belgium.be`
|
||||
|
||||
After untangling that mess, I am _finally_ logged in at `mijn.fluvius.be` and every trace of Infrax now is gone---after having navigated 5 different domains. I can then proceed to declare our solar panels, which is another painful process that includes uploading a bunch of PDF documents and then also having to scout for VAT numbers of installers that were nowhere to be found.
|
||||
|
||||
I did all this in 2017. Why am I doing this again? My suspicion is that the Infrax to Fluvius merge was riddled with confusion. Perhaps a few angry civil servants that got fired in the process hit the delete button. Perhaps the database was never fully converted and now is rotting with duplicate (and very likely sensitive) data. Perhaps the IT company that won the invitation to tender ran out of money while redesigning the old website, or it was nearshored to reduce costs and a big part of the domain was lost in translation.
|
||||
|
||||
My technical background makes it possible to at least understand a part of this silliness. But suppose someone who isn't is also trying to wrestle their way through this process. The amount of witnessed design mistakes makes it almost too painful to write about. It's also no coincidence that a mess such as this is most often found when navigating governmental websites.
|
||||
|
||||
I hope we can do better.
|
||||
Binary file not shown.
|
After Width: | Height: | Size: 162 KiB |
Binary file not shown.
|
After Width: | Height: | Size: 129 KiB |
|
|
@ -113,6 +113,7 @@ article
|
|||
|
||||
p
|
||||
margin: 0 0 20px !important
|
||||
word-break: break-word
|
||||
|
||||
blockquote p
|
||||
margin: 0 !important
|
||||
|
|
|
|||
Loading…
Reference in New Issue