Practical Thoughts on User Logins from David Gammel
David Gammel who works for the ASHA and blogs at High Context has a piece from March 2005 about the practical issues around logins . What is a useful convention? Here are a few snippets. "When I came to ASHA in 2000 we were using the same account number/last name scheme for access and that info was and is on every mailing label and membership card. [security risk] We then implemented a username/password system that allowed the user to create their own login name and password. Over time, we found many members had problems remembering the login name they had created for themselves. A few years later we migrated to using their e-mail address as their login name which has dramatically reduced support calls for lost user names (many of our members call us instead of using the account help tools on the site). Based on our own experience, I would recommend going with e-mail as the login name.
David goes on to share some useful practices and "gotchas."* Each member must provide a unique e-mail address. Sometimes this is an issue when a spouse shares the same account and is also a member.
This is useful blogging. Love it. Reminds me of Lee LeFever's post today on how to blog your delicious tags. Contributions towards practice -- I LOVE IT! Thanks David and Lee. (Now I have to think about what I can contribute this week. What are YOU contributing to your world?)
* You should provide instructions on free services that members without an e-mail address can use to get one (there are still some people without e-mail addresses!). This is also useful in the spouse shared address situation.
* Clearly state how the address will be used by the association when the members supplies it to ease privacy/spam concerns on the part of the member
* Consider your response to members who refuse to supply you with an e-mail address but want access to the member-only content and services (I have encountered this a few times).
* Members should be able to change their e-mail address at any time without having to re-register with the site. In technical terms, test for e-mail uniqueness but don’t use it as the primary key for the record.
0 Comments:
Post a Comment
Links to this post:
Create a Link
<< Home