I have noticed, over the past month, that the VCDS-Mobile login page has not consistently remembered my password. I was not sure of what process this web page used to remember the password, however, I assumed it set a cookie somewhere.

I periodically discard cookies from my browser, this due to privacy concerns. I went into the cookie folder looking for a cookie called 'Ross-Tech' or 'VCDS-Mobile' or similar, but I did not find one. After some experimentation, I discovered that the cookie set by the HEX-NET device uses the IP address of the device as the name of the cookie. In my case, the IP address of my device is 192.168.0.106, hence, that's the name of the cookie.

I then set this cookie aside so that it would not be discarded when I routinely cleared cookies. Since then, the VCDS-Mobile application has begun to remember my password and log me in automatically.

-------------------

On another matter related to VCDS-Mobile login and the password: If a user enters an incorrect password, the application returns a message 'Login Incorrect', but that message is presented in the same font and same colour as other text on the page, right on top of other text. Because of this inconspicuity, it is easy to not notice the 'Login Incorrect' message... which then leaves the user wondering why nothing is happening.

I suggest that you increase the font size of the 'Login Incorrect' message, and change the colour of that message to red. If the message appeared in larger, bold face type, red in colour, then it would be impossible for the user to not notice it immediately. Also, I suggest you change the words used so the message is more clear: Instead of saying 'Login Incorrect', say 'Wrong Password' or 'Password Incorrect'. There is no user name to enter (presumably the serial number of the device is the user identification), the only thing that the user can get wrong is the password. So, use plain and simple language to ensure that the user understands exactly what it is that they are doing wrong (entering an incorrect password).

Finally - I wonder if, in the future, when these devices become more widespread, if there might be occasions when a user inadvertently attempts to log into the wrong interface. For example, in a workshop environment where there are numerous HEX-NET devices, or at an informal get-together where several people have brought their HEX-NET. In that case, a user might attempt to log into their device (using the correct password for their device), but perhaps the VCDS-Mobile application connects with another HEX-NET instead? In such a case, the user could type the correct password for their device repetitively, but not succeed in logging in because they are (unknowingly) connected to a different HEX-NET device.

If you folks at Ross-Tech think that the above possibility exists, then it might be appropriate to identify the HEX-NET by serial number and perhaps the first three letters of the registered user's name following an unsuccessful login attempt. This would ensure that the user is aware of exactly which HEX-NET device they are trying to log into.

Michael

Suggestion for improvement of message