The Design of Software (CLOSED)

A public forum for discussing the design of software, from the user interface to the code architecture. Now closed.

The "Design of Software" discussion group has been merged with the main Joel on Software discussion group.

The archives will remain online indefinitely.

Username Format

We are setting up a web based application which requires the customer to have a username and password.

A few ideas have been tossed around as to the format of usernames, I am keen to hear your thoughts on :

1. Forcing usernames based on a convention (i.e. firstname.lastname).
2. Allowing customers to pick their own username.

More than happy to hear any other suggestions!

Cheers.

Steve
Steve Nelson Send private email
Tuesday, September 20, 2005
 
 
I really like the convention of using email addresses as usernames. They're guaranteed to be unique.

Of course, if those usernames will ever have to be displayed on the wide-open internet, then email addresses would be a bad idea, since they can be scraped to easly by spambots.
BenjiSmith Send private email
Tuesday, September 20, 2005
 
 
Although it's important to note that using email addresses as a unique identifier restricts the majority of users to a single account. This may be the intention, but be very sure that your users would never wish to sign up for a second.

Certain entertainment sites have annoyed me immensely by doing this. If for example someone wanted to set up an account for their partner, kids, whatever, this can cause people problems.

Of course, your site may not fall into this category. But it's always something to consider, it's a very easy way to frustrate people!
Andrew Cherry Send private email
Tuesday, September 20, 2005
 
 
I tend to be unwilling to use a real email address for every system that wants one.

Also, I tend to abandon email addresses as they become too spammed.

How do you deal with people who don't want, haven't got, or want to change their email address?
new nick, new rep
Tuesday, September 20, 2005
 
 
+1 for email addresses.

And I wouldnt quite agree that this restricts people to a single account, not with the vast amount of free email providers out there.
redeye Send private email
Tuesday, September 20, 2005
 
 
Depends on your target market. Does your grandmother know about free email providers?
Andrew Cherry Send private email
Tuesday, September 20, 2005
 
 
Lots of website 'services' want to know your email address so they can keep you involved.  They want to push reminders to you, push 'value' to you and otherwise use you.

This is just so irritating.  And quite un-Joelish.

This forum is explicitly designed to keep you revisiting, rather than telling you via email when things change.  It is about building loyal membership.

It lets you choose to allow others to reach you by mail, but it allows you to hide that mail address and to use it selectively in posts.

Such systems are far more user-friendly in my view.

So quit building 'email identity' into apps.
new nick, new rep
Tuesday, September 20, 2005
 
 
Traditionally in unix, people are given a "username".  Elsewhere they store a "real name", probably in some LDAP directory.

Why not give everyone a username, which could be little more than just a number, and also a "realname", which is ultimately a reference to the username.

ie, email to firstname.surname --> username

If everything ultimately goes to use the username, then inconsistencies in username is not a problem - there is no inconsistency!

For example, what if two people have identical firstname.surnames? What if they don't have a surname? What if they have some other requirement about their name? Names are very personal.
Arafangion Send private email
Tuesday, September 20, 2005
 
 
Consider doing things "backwards": use email addresses for sign-in, but allow users to pick a username that will be displayed instead of email address where appropriate.

You see, I have a pet peeve about web sites that require usernames.  For me, they're actually harder to use.  I have a very common name (too common) and the username must be unique.  I can be "dej" on some sites, "djones" on others, "dejones" on still others, etc.  Recently I have taken to using "d3jones" simply to be a little more unique.  I'd rather just use my email address.  At least then I can remember what ID I have to use for each site.

Also consider: userids can be more precious than passwords.  Usually there is a procedure for recovering a lost password, typically by having a site email it to me, given my email address.  However, if the site requests a username, and looks up the email and password associated with that username, and I've forgotten my username, then I'm screwed.  I can't recover.  Ironic: I can recover my password (generally perceived as more valuable) but not the username (often perceived as of little value, because it is often public).

If you operate a service that uses some other kind of identifier, then consider using that instead.  I like my President's Choice MasterCard and CIBC Classic VISA: I can log in to those sites with my CC# and if I forget it, well, the number's written on the card in my wallet.  Bad AMEX: they require a userid separate from the CC# and I can't to this day remember what it is.
David Jones Send private email
Tuesday, September 20, 2005
 
 
> firstname.lastname

There's only one john.smith in  the world, right?
S Tanna
Tuesday, September 20, 2005
 
 
Also, what happens when the person's  name changes :)
Arafangion Send private email
Tuesday, September 20, 2005
 
 
Consider the following regarding email address as a username:

Users may purposefully, or accidentally, enter a non-existing email address.  Not a problem if you never have the need to send messages to the user, but in the instance of a password reminder, welcome message, etc, the message gets sent to a non-existing address. 

Just my 0.02.
Wanderer Send private email
Tuesday, September 20, 2005
 
 
Yes. The typical response to this is the "bounce", ie, the system then *knows* that it's non-existant.

However, many places require you to type in the email address twice - this rules out the accidental and only leaves the deliberate.
Arafangion Send private email
Tuesday, September 20, 2005
 
 
Great feedback, thank you.

Using a customers email address will be OK as they will not be displayed on the Internet (or at least in a format that can be scraped).  It also gets around the good points raised by Arafangion.

Our site will use email to communicate with the customer, so they must have an email account.  It makes sense to ensure it is correct, making it the username will achieve this.  This will work for both soft and hard bounces.

@ S Tanna thanks for the feedback, we thought we would append in that instance, i.e. if john.smith is taken we move to john.smith001 and so forth - this also has it limits when we hit 999 john smiths (+ the original).

@ David Jones I really appreciate your thoughts and I agree RE : convenience of having something which is easy to remember and is frequently used.  I cancelled my AMEX yesterday but thats another discussion ;-)

I suggest that in the instance that a persons email address changes they can edit their preferences and update their information.

We are conscious of our obligation as good internet citizens, we are not going to SPAM customers into submission!  They will have the option to customise how they are notified (email, sms etc).

Anyway thanks again, comments are all appreciated.
Steve Nelson Send private email
Tuesday, September 20, 2005
 
 
I think you should take Arafangion's point about name changes very seriously.

Ask your wife, your mother, or other ladies in your life, if name changes have ever happened to them.
S Tanna
Tuesday, September 20, 2005
 
 
@ S Tanna - we will - most probably a good reason to run with email address as the login (which would they could update in their preferences).

Thanks again for the feedback.
Steve Nelson Send private email
Tuesday, September 20, 2005
 
 
"We are conscious of our obligation as good internet citizens, we are not going to SPAM customers into submission!  They will have the option to customise how they are notified (email, sms etc)."

What they *all* say.  Why should a punter trust you up-front?
new nick, new rep
Wednesday, September 21, 2005
 
 
@ new nick, new rep

Fair point, the basis of our application uses email to confirm / deny certain actions.  Unless the customer opts-in (note opts-in!) we wont contact them.

Definitely something for us to think of, so I appreciate your comments.
Steve Nelson Send private email
Wednesday, September 21, 2005
 
 
Binding users to email entered on signup is stupid. People may stop using certain email address for gazzilions of reasons.
A regular
Wednesday, September 21, 2005
 
 
I agree, there are a lot of reasons someone would change their address, second to this what email address would they choose (we all seem to have at least 3 these days)!

We will allow a user to update their email address, this will help getting around the "binding" issues you have raised.

Not that we ever thought of binding someone to the first set of details they entered, we would allow them to update their details.

Thanks for you feedback.
Steve Nelson Send private email
Wednesday, September 21, 2005
 
 
I know that this is a bit of a wishy-washy cop-out, but I've always favoured the approach of asking the user to select their own username, but politely suggesting that they use their e-mail address. The system will also record their actual name so that shipments, letters etc. can be properly addressed and when logging in, the user can supply either their username or their e-mail address and their password. In the event of more than one user having the same e-mail address (allowable so long as they have unique usernames) the system checks the password against all users with that e-mail address to find a match and, if one is found, logs in.
It's a bit of a swine to code, but once you've done it once you can re-use the code again and it makes life easier on the poor, forgetful user.
Paul Brown Send private email
Friday, September 23, 2005
 
 

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics
 
Powered by FogBugz