
Trust and personal information security are very important issues these days when it comes to online accounts, so it is not unusual for people to not want to create an account (i.e. provide personal information) when making purchases or requesting information.

So it would seem that in most cases when users are forced to do so, it is due to a business or technical requirement rather than a user requirement.

So the question is: what are the design patterns or techniques that create a smoother user experience when forcing users to sign up or create an account? Bonus points if these techniques are actually ethical design practices as well!

stannius
Michael Lai
    Who's to say we need to require people to create an account when making purchases? – user7886229 Oct 14 '18 at 23:27
  • 2
    You can use something like Stripe and even manage them as customers through the api. – David Kamer Oct 15 '18 at 01:26
  • 1
    My experience as a consumer has been that my information is being requested to facilitate my next order, removing the need for me to type it out again. Mutually beneficial. – ESR Oct 15 '18 at 04:31
  • 33
    Unless customers are buying content say like Netflix , I see no need to ever require creating an account. If I ever come across a site that requires that I sign in, I skip it and go somewhere else. – Michael J. Oct 15 '18 at 15:06
  • 8
    @ESR: But that's assuming that you are going to be making repeat purchases, and frequently enough so that info like credit card numbers/expirations (or even your address) are going to stay current between them. This isn't always the case. – jamesqf Oct 15 '18 at 18:13
  • 18
    forcing users to make an account is missing from the title, the obvious answer to which is: don't. – Mazura Oct 16 '18 at 18:18
  • 2
    @ESR in a perfect world yes, in our data breach blighted world I prefer not to create a new account whenever possible. What doesn't get stored in the first place can't be stolen and traded on the darknet. – Dan Is Fiddling By Firelight Oct 16 '18 at 19:31
  • 1
    Thanks for asking! It's good to see an effort and even just an acknowledgement that people don't want any more accounts! – Zeus Oct 17 '18 at 03:26
  • 1
    @Mazura there may be situations where it is necessary or advisable for the user to create an account, and where it is not necessary some designers/developers still enforce it. But the question is about how to create the best experience when people don't consider it necessary (when it might be in their interest), so this could be how to make the user understand the need better or providing them with incentives to do so and not just forcing them. – Michael Lai Oct 17 '18 at 12:35
  • 1
    @ESR Most of the information they want to store can also be stored by my browser and automatically filled into a properly designed form. I don't need them (and a zillion other companies) to store my information as well. – chepner Oct 17 '18 at 22:00
  • 1
    Just don't. If you force me to sign up to buy something, you have a good chance, I will not buy. And if I still want to buy, I do research how I can delete my account asap. And especially with GDPR for european citizen you're getting a lot more responsibility for data and managing customer requests to get their data and to delete it (even from all backups in a reasonable time). You can avoid this, but just not requiring an account. – allo Oct 22 '18 at 07:58
  • @MichaelJ. - ...or I check at bugmenot.com if someone went that path before :) – miroxlav Oct 22 '18 at 09:55
  • Have you considered something like passwordless? Users only need to provide their e-mail address and click on a link to get a session, you get their e-mail address so you can remember their other details, nobody needs to remember or safely store passwords, dedicated accounts for simple webshops are obsolete. – kevin Oct 22 '18 at 12:33
  • From a security/privacy standpoint, it's been proven that it's not in peoples' best interest to have online accounts that they don't find necessary. The least important accounts are often neglected by the user, which is good for any attackers. – Clay07g Oct 22 '18 at 13:42
  • As a person who usually doesn't want to create accounts let me tell you: I'd rather switch service than sign up for yours. There are plenty of shop systems where no account is required. I'm willing to go to search page 2 and 3 to avoid your specific service – BlueWizard Nov 12 '18 at 06:10
  • => don't force the user to do things which they don't want to do. – BlueWizard Nov 12 '18 at 06:11

12 Answers


Interesting question. To answer it I think we have to understand what's frustrating to users and then provide some alternate ways of doing things.

Also remember, if you don't need the user to create an account then don't make them!

Lengthy Forms

Users may find it frustrating to fill out a bunch of information in many different input fields, especially when most of the information isn't going to be used. Try to only collect information you absolutely need, and try to collect it in the most efficient way possible. Allow the user to take many shortcuts. While it may take more time and be quite annoying to include these shortcuts, it will make the UX much better. For example, if an address field needs to be filled out, instead of making the user type their full address, city, state, country, zip code, etc., have the form automatically search as the user types in the address and fill in the information automatically. Also, have common domains autofill for emails (@gmail.com, @hotmail.com, 65+? @aol.com).

Passwords, passwords, passwords

This is a big one. Nobody likes passwords, nobody can remember passwords, and everyone hates them. Their approval rating is literally 0%. But, unfortunately, we need some way to authenticate a user. So, simplify this as best you can. Don't put in extreme requirements (7.5 characters (yeah, you gotta figure out how to type 0.5 of a character), uppercase, lowercase, numbers, can't have consecutive numbers, must include a Chinese character, etc.); these are extremely annoying to users and many will screw it up a bunch of times before getting it correct. Also, that isn't the best security practice either.

Allowing the user the option to login with another service (Google, Facebook, etc.) is a good option.

Additionally, when you sign up, you should automatically be signed in. Countless websites do this stupid thing where you sign up and then are forced to retype your email, username and password just to sign back in.

Lastly, if the user does screw something up, don't clear everything out, making the user retype all their information (ahem, client-side validation).

Verification

Many websites will require verification in some form of a text or an email. Many times emails will be delayed making the user wait extended periods of time. Allow the user to continue with what they were doing BEFORE verification. Make the last step confirming the email/text, giving time for the user to receive it.

Spamming my email

Simple: don't do it. If the user wants to buy your product they will go to your site and purchase it; you don't need to send them constant reminders: "[RANDOM ITEM THE USER DOESN'T WANT] 50% OFF LIMITED TIME". If you want to send the user emails about discounts, have the user tell you they want that. Either have a subscribe button on item pages or something else.

Don't share their information

Don't be Facebook.

User42
user7886229
  • +1 Nice to see lots of new contributors for this question. Just wondering if you have any actual examples of successful strategies that incorporate one or more of the techniques that you have mentioned? – Michael Lai Oct 15 '18 at 04:31
  • "Countless websites do this stupid thing where you sign up and then are forced to retype your email, username, password just to sign back in." Or they don't redirect you to the page you were previously on before having logged in. This is UX 101. – ESR Oct 15 '18 at 04:33
  • @ESR Grrrr. Talking about that, I was on a site where I was creating an e-card. Wrote my entire letter and designed it. It told me to sign up to send it, so I did. And it redirected me to the home page. I had to recreate the entire card. – user7886229 Oct 15 '18 at 04:35
  • Site-managed autocomplete for anything besides physical-address lookup is likely to be a UX disaster. Properly specifying input type and autocomplete attributes is substantially friendlier. – chrylis -cautiouslyoptimistic- Oct 15 '18 at 07:59
  • Add "don't block password managers" to the list. – Ferrybig Oct 15 '18 at 14:13
  • I would like to add: don't use passwords. At all. Instead, perform the "reset password" routine when the user wants to log in and then log them out after, say, 14 days. This way the user doesn't need to remember a password and you don't need to store it and potentially lose it to bad people attacking your server. – Björn Larsson Oct 15 '18 at 14:47
  • @BjörnLarsson You shouldn't store passwords even if you're using them. – StackOverthrow Oct 15 '18 at 16:59
  • Another: don't offer to let the user proceed as a guest and then force them to sign up at the end. An online retailer lost a sale to me the other day because of this. – StackOverthrow Oct 15 '18 at 17:01
  • @TKK +1 It's the dumbest thing! Also when they say it's "free to sign up", so you sign up and then you have to pay to actually use the service. – user7886229 Oct 15 '18 at 17:12
  • Re autofill: No, NO, NO! Unless it's something like automatically looking up the state from the ZIP code, few things are more annoying. – jamesqf Oct 15 '18 at 18:15
  • I love how this has turned into a rant against websites! – user7886229 Oct 15 '18 at 18:23
  • Oh, and make sure your password verification matches the rules shown to the user (and show them!). I had a website complain that my 8-character password wasn't a minimum of 8 characters once. Or just today one said that my "any three types" (upper, lower, number, symbol) password that contained upper, lower, and symbols wasn't valid (because it didn't have a number). – Draco18s no longer trusts SE Oct 15 '18 at 21:34
  • Good list, but one item is missing for me: user account data gets stolen. I could list about half a dozen websites/companies where I created an account to do a purchase or get some information and that account data was later stolen. (I use unique e-mail addresses so at least I see when those addresses get into the hands of spammers and can block them.) So, if you want any more information than just a volatile e-mail address and a password, I will think twice before creating an account. – Dubu Oct 16 '18 at 10:57
  • @Dubu Are you sure it was stolen and not given? See "don't share information". And thanks :) – user7886229 Oct 16 '18 at 10:58
  • @JBis Great answer, only thing I'd add: don't use a CAPTCHA. They don't help matters anymore (they're actually getting easier for robots and harder for humans with each iteration), and just piss users off (and if the user is like me, they go find a competitor right out of the gate). – Der Kommissar Oct 16 '18 at 13:13
  • @202_accepted Thanks! I'll definitely edit that in (unless you'd like to). Captchas used to be simple but they have turned into really complicated tasks that take longer to do than the form itself. P.S. a trick I have found, especially with Google captchas, is to click the audio feature. It seems to allow me to get it more consistently. – user7886229 Oct 16 '18 at 13:20
  • @JBis Oh, I'll let you edit it in (I don't have much rep on this site anyway, so it has to sit in approval unless you or someone else approves it anyway, and since it changes the answer others are far less likely to approve). :) (And I just move away from Google CAPTCHAs now. I literally just find a different place to do/buy/whatever. Unless there's no competitor, it's not worth the hassle.) – Der Kommissar Oct 16 '18 at 13:22
  • @Ferrybig As long as we're talking about password managers, allow at least 32 characters maximum in the password (the length of the default 128-bit key in KeePass). The larger the maximum the better. – IllusiveBrian Oct 16 '18 at 18:51
  • @IllusiveBrian ...or because we are hashing (RIGHT?!?!?!) there shouldn't be a max... – user7886229 Oct 16 '18 at 18:51
  • @JBis, you need a maximum to keep someone from DoSing you by using the King James Bible as their password, but it should be higher than what any sensible person would use (I favor a limit of 1000 characters). – Mark Oct 17 '18 at 00:41
  • @Mark That's what max execution time is for... – user7886229 Oct 17 '18 at 00:42
  • @Mark If you want your password to be the King James Bible and you can submit it within 30 sec, be my guest :) – user7886229 Oct 17 '18 at 00:44
  • @Mołot Only at Stack Exchange would someone actually calculate that. Thanks. – user7886229 Oct 18 '18 at 14:01
  • @JBis I only found the calculation. – Mołot Oct 18 '18 at 14:02
  • @Mołot Fair enough, I am gonna do some testing and see if the resources wasted are significant. – user7886229 Oct 18 '18 at 14:04
  • Speaking from experience, web services don't tolerate large data packets very well unless they're expecting them. Yes, 4.13MB counts as "large" for this purpose :P Sounds like an amusing way to kill the password manager. – Ruadhan2300 Oct 19 '18 at 13:37
  • "Allowing the user the option to login with another service (Google, Facebook, etc.) is a good option." As long as it's an option and I can instead provide a user name/password combination (IMHO the much better way, not least in terms of protecting my data), that's fine. Whenever I see a site that only allows login via another network's account, I'm gone. – O. R. Mapper Oct 22 '18 at 10:19

Update: I have extended the answer and added some examples; I might further enhance the quality of the answer if I get feedback.

Thought you'd never ask, here are some things to look at:

1. Does the user even need to create an account? Why?

Many product managers/designers fail to ask themselves this important question. It has become one of the largest trends that every digital product out there needs to identify its users; while it's true we are much more able to achieve things when users create an account, it has to be a conscious decision rather than the intuitive "of course". By forcing everyone to create an account you are making an authority bet, which in many cases you lose.

[image: Login Walls]

This is a very good article on nngroup's website called Login Walls Stop Users in Their Tracks; it explains a lot about the impact of such walls.

2. Ask only for the relevant information for the current task

When the user is creating an account, the user has something in mind: a need to use your product, a task to be achieved. This requirement is merely an interruption to what the user is seeking, so it's crucial that we keep the amount of user input as minimal as possible.

[image: LinkedIn Sign Up]

No intention to promote LinkedIn, but consider their case as most of us know the platform. Eventually we, the users, enter so much information for our profile; can you imagine if LinkedIn asked for all of that at the registration phase?

And yes, believe it, some do ask a lot! The largest platform I know of that made a record of such a mistake at its release was Google+ (RIP); we had to go through so many forms, some to reflect our social aspect, some our professional, some interests, etc. It took me personally around 20 minutes to get past the initiation process.

3. Ask for the right information at the right time

Imagine having to do your lifetime's laundry at once; not so fun. Instead we prefer to do it on a weekly basis. User input is a similar case on a much smaller scale (considering the exaggeration, it's more like microscopic scale), but it gives the same effect.

Rather than asking for the address at registration, before the user has even tried your product, ask for it at checkout. Or, the more important one: should the user register before using your product, or at the very end of it?

[image: Create Account After Checkout]

PS: This mistake is common at the hands of full-stack developers, since if the mindset used for designing the database is the same as that used for designing the forms, lord have mercy on the poor user.

4. Simplify the User Input

Go as creative as it gets with this one because there are so many ways to approach it. A couple of examples:

4.1. Single Sign-On, social logins and one-click registration

[image: Social Login]

4.2. Fill the form on behalf of the user and let the user correct it when possible

Ever wondered about Facebook's default birthdate values for signing up?

[image: Facebook Birthdate]

Day and month clearly represent today, but why 1993? Maybe as of this year the most common sign-ups are users born in 1993?

I'm sure many of us here know we can guess the country from the IP address. What else can we guess? Is michael.lai@some-email.com implying first name Michael and last name Lai?

[image: Autofill]

This is an example of how tolerance could result in a slightly enhanced experience. This case does not apply 100% of the time; the question is whether we are able to research patterns used in emails and find that x% of the users use firstname.lastname@email.com, in which case we could try to use that information in auto-filling the form even if it doesn't work all the time.

In this example I intended to break the rule to prove that it can still work out somehow: on a mobile device the user would only have to click the button in the middle to swap the values between first name and last name, and would also have to press backspace 4 times, eventually requiring 5 taps of barely thinking from the user rather than having to type everything in manually.

Use this for mobile apps; web forms already provide autofill for users, which might become useless if you fill it.

Disclaimer: this example was made within minutes and is not verified. Please do not take it as is into your product without testing it; it's merely about the approach and how to think about such problems.

4.3. Question the fields you're asking for; it reflects on the interaction pattern. Do I need to ask for the full birthday, or am I only concerned with knowing the user is over 13 years old? The difference is a date field vs. a checkbox; I guess you know how much that is in user time/frustration.

4.4. Field grouping and sequence: reflect the user's mental model.

4.5. Don't exaggerate password complexity (unless you have a good reason).

4.6. By @vlaz: do I need to ask for the full birthday?

"perhaps it's some sort of statistical anomaly but a lot of services that ask for that information attract disproportionate amount of people born on the 1st of January."

Thank you @vlaz.

And the list goes on...

UX Labs
  • +1 Nice breakdown of some very relevant issues and well explained. Any good screenshots or examples to go with it? :) – Michael Lai Oct 15 '18 at 01:55
  • "Do I need to ask for the full birthday?" Perhaps it's some sort of statistical anomaly, but a lot of services that ask for that information attract a disproportionate amount of people born on the 1st of January. – VLAZ Oct 15 '18 at 06:21
  • +1 Plus tell the user the advantages to them of having an account with you. If you can't come up with any advantages, don't demand an account. – Paul Smith Oct 16 '18 at 10:32
  • There you go @MichaelLai – UX Labs Oct 18 '18 at 15:18
  • I think in terms of the scenarios covered and the explanations provided (with examples), this is a very good answer to the question even if it doesn't get the most number of upvotes :) – Michael Lai Oct 18 '18 at 15:23
  • Well appreciated!! :) – UX Labs Oct 18 '18 at 15:24
  • "Guess the country from the IP address": NO NO NO. Use the HTTP headers for that, because they show the user's desired language and not an increasingly inaccurate location. May I also remind you that different countries can have different languages? – Antzi Oct 19 '18 at 03:25
  • Please don't attempt to autofill forms by guessing. Modern browsers already do it better as long as you keep your forms in a sane format. – Cubic Oct 19 '18 at 10:43
  • @Cubic I forgot to highlight that I am referring to mobile apps in this case; web forms are easier to fill in anyway. – UX Labs Oct 19 '18 at 10:46
  • @Antzi Amen to that! Assuming that one country maps to one language is stupid. I speak English and live in a French-speaking region, but because the country happens to be Switzerland, PayPal sends everything to me in German... – Oscar Bravo Oct 22 '18 at 06:58
  • I can only imagine the face of the form-filling guy who has indeed been born on Oct 18 1993. – Wtower Oct 22 '18 at 12:46
  • Don't fill in data you're not somewhat certain of. For example, should the default last name be "Smith"? No! Most people would need to manually remove it since (even though maybe it's a common name/birth year) it's not the name/birth year of >50% of your user base. – BlueWizard Nov 12 '18 at 06:08

I'm sorry for the presumption since I know nothing about your use case, but I'll be the one to say it: don't force them to make an account. Just don't. Users can understand when making an account is necessary. If they expect to use your site without an account, then either you've confused them about what the site does or it's probably possible.

That strong opinion stated, there are some options that work essentially like an account, but don't feel to the user like they've created an account. After an interaction, you can email them a unique link or code (for example inside a "confirmation" email). They can use that link or code to access relevant information in the future (e.g. shipping information). Another thing you can do, though I haven't seen it in the wild, is offer a "retrieve my info" page where they enter an email address and the link/code gets resent to them. Basically this is like logging in via a password reset email every time they visit the site.

Where is the line between the above tactic and creating an account? I would view this as ethical as long as you do not collect and store information about them or personalize their experience. If a user has not "signed up for an account" then I think they have some expectation of privacy regarding what is being collected and associated with their email address.

usul
  • 1st paragraph, +1. But if you have my email then I'm essentially already signed up. If it's a fake email, what was the point? That most people are idiots and will use their real email? You have my permission to presume all you want because this question belongs on IPS; it's a people problem, not a computer problem, and besides that it has a duplicitous title. – Mazura Oct 16 '18 at 23:23
  • @Mazura, I definitely see where you're coming from. A more polite way of putting it is probably: if a user might rationally prefer to give a fake email, then providing an email and/or making an account should absolutely be optional. In the rest of my post I'm assuming the user has some good/useful reason for giving their email. – usul Oct 17 '18 at 01:45
  • +1. I'd also add that it is OK to ask the user "Do you want an account with that?" after he did what he needed to do, like filling in the shipping form. After. Optionally. When he has already seen that all the data collected was really needed for what he was about to do anyway. – Mołot Oct 18 '18 at 14:14
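The link-or-code flow this answer describes is essentially a magic-link login, and the parts that matter for security are easy to get wrong: the token must be unguessable, stored only as a hash (so a leaked table cannot be redeemed), time-limited, single use, and compared in constant time. The Python below is an added example of that "retrieve my info" flow, not the answer's own code; the endpoint URL, the 15-minute lifetime, the in-memory store and the outbox standing in for email delivery are all assumptions, and a real deployment would also rate-limit requests per address.

```python
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Tuple
from urllib.parse import parse_qs, urlparse

BASE_URL = "https://shop.example/retrieve"   # assumed landing page
TOKEN_TTL = 15 * 60                          # assumed link lifetime, seconds


@dataclass
class PendingLink:
    email: str
    token_hash: bytes   # SHA-256 of the token; the token itself is never stored
    expires_at: float
    used: bool = False


class MagicLinkService:
    """'Retrieve my info' flow: a short-lived, single-use link mailed to the user."""

    def __init__(self, now: Callable[[], float] = time.time) -> None:
        self._now = now                              # injectable clock for testing
        self._links: Dict[str, PendingLink] = {}     # stand-in for a database table
        self.outbox: List[Tuple[str, str]] = []      # stand-in for sending email

    @staticmethod
    def _digest(token: str) -> bytes:
        return hashlib.sha256(token.encode("utf-8")).digest()

    def request_link(self, email: str) -> str:
        """Mint a link for the address and 'mail' it; returns the URL sent."""
        link_id = secrets.token_urlsafe(9)    # lookup key; not secret on its own
        token = secrets.token_urlsafe(32)     # 256 bits of entropy, never logged
        self._links[link_id] = PendingLink(
            email=email,
            token_hash=self._digest(token),
            expires_at=self._now() + TOKEN_TTL,
        )
        url = f"{BASE_URL}?id={link_id}&t={token}"
        self.outbox.append((email, url))
        return url

    def redeem(self, link_id: str, token: str) -> Optional[str]:
        """Return the email to open a session for, or None. Each link works once."""
        link = self._links.get(link_id)
        if link is None or link.used or self._now() > link.expires_at:
            return None
        if not hmac.compare_digest(link.token_hash, self._digest(token)):
            return None
        link.used = True
        return link.email


def parse_link(url: str) -> Tuple[str, str]:
    """Split a mailed link back into (link_id, token), as the landing page would."""
    qs = parse_qs(urlparse(url).query)
    return qs["id"][0], qs["t"][0]


if __name__ == "__main__":
    svc = MagicLinkService()
    url = svc.request_link("alice@example.org")       # constructed address
    link_id, token = parse_link(url)
    print(svc.redeem(link_id, token))   # alice@example.org
    print(svc.redeem(link_id, token))   # None: already used
```

Keeping the lookup id separate from the secret means the database row can be found without the secret ever being indexed or logged, and hashing the token is what turns "someone dumped the table" into a non-event rather than a mass account takeover.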

Single Sign-On

Heavily utilize SSO services.

Add as much support for as many platforms as possible. Even though this is time consuming and compatibility issues increase as you increase the number you support, look at it like you are supporting more platforms (Android, iOS, Windows, Linux) because odds are the user will have one type of single sign on account that they regularly use.

Generate Passwords By Default

Another practice I've seen is generating the password for the user while still giving them the option to change the password if wanted. If the user wants to come back, then they'll write it down or change it. Odds are if they don't, it won't even bother them. You have their email, and if they want to get a password reset it would already be as easy as having access to their email/phone in most situations, so there is no actual loss of security as long as the password is generated correctly and sent over HTTPS.

Don't Ask Them for A Username

Lastly, don't make them come up with a username and email, one is enough.

If you follow all of these, you'll just need to make the purchase form ask for their first and last name (etc.). This will allow the creation of an account to happen almost transparently, and the user, beyond accepting the terms and conditions and clicking create, will not be hassled. One could even argue that the account is more securely created when the user doesn't have to create their own password, as they will not be prone to reuse a password from another site.

Welz
David Kamer
  • +1 I guess this works when there is a 'trusted' network of sites that the user is comfortable with exchanging or sharing information on. However, if the user wants to remain anonymous then what would be the best strategy? And will the users be fully aware of the implications of providing such information via SSO? – Michael Lai Oct 15 '18 at 04:33
  • "Don't make them come up with a username and email, one is enough." I'd even say that a username isn't always needed. If it's not going to be displayed (e.g., having public posting), then an email is enough. Users usually remember their email, so they don't need to remember another identification. If there is a need for a username, by the gods, don't make it set in stone at the time of account creation. There is no real reason to. – VLAZ Oct 15 '18 at 06:17
  • For what it's worth, I refuse to use SSOs (e.g., Google, Facebook, etc.) to log in or create an account on any website. You'll get my junk email address, nothing more. – Uyghur Lives Matter Oct 15 '18 at 20:43
  • @cpburnz Why not create a junk SSO account? – David Kamer Oct 15 '18 at 21:27
  • @MichaelLai You could argue that users are responsible for their own privacy to the extent of SSO use, but I'd go further and say that you as the developer only have responsibility for how you use their SSO information, not how the SSO service uses it. If something comes to your attention or a user complains, add a "more information" link or tooltip on the page to let them know the implications and/or what data you are storing from the SSO. – David Kamer Oct 15 '18 at 21:53
  • @DavidKamer I have yet to find a service compelling enough for me to create a junk SSO account. – Uyghur Lives Matter Oct 15 '18 at 21:57
  • @cpburnz I'd use Google. You can quickly set up a Gmail account and sign into everything with it, and it isn't painful to use. – David Kamer Oct 15 '18 at 22:04
  • @cpburnz I've found plenty of services compelling enough to make a junk SSO account worthwhile. The thing is, I haven't found one that's both worth a junk SSO account and not worth just giving my real email. – Oct 15 '18 at 23:38
  • @DavidKamer But if you already have a Gmail account signed in to Google services that you do want, setting up a junk Gmail account for SSO is one misclick away from linking your primary (and potentially very personal) online ID. I use Google/SSO for a few things that started via Android so it was almost necessary (e.g. Strava), but otherwise an email address I control. – Chris H Oct 16 '18 at 15:49
  • "Don't Ask Them for A Username": maybe make this 'prefill the user name field with the e-mail address'? After all, e-mail hosts come and go, and the user has no control over that. Every time I set up a user account somewhere that seems to be identified exclusively by my e-mail address, I'm both confused and worried about what is going to happen to that account (and my data inside), should that e-mail account ever disappear. Will it be possible to still access the account? Will it even be possible at all to change the handle of an existing account? – O. R. Mapper Oct 22 '18 at 10:23

As you mention online purchases, the best is to let people check out without needing to create an account. They still have to fill out tons of details for their delivery; just ask them at the end if they want to create an account so they can check on their order more easily.

Doing this, you ask it at the right time, when there is a benefit for the user.

Martyn
  • And if they do, auto-populate as much information as you can from the order they just placed (don't ask for their address again). – Draco18s no longer trusts SE Oct 15 '18 at 21:45
  • Actually, when you do ask to create an account, there should be no need to ask about anything except law-required permissions and maybe username & password. – Mołot Oct 18 '18 at 14:17

Use Social Sign Up

You are right creating a new account requires considerable effort and 86% of surveyed people report being bothered by it. However, it has been found that social sign up increases conversion rates by around 52%.

It is not hard to explain why. Social sign-up requires only one click and you're in. Compare that to the traditional way, where you need to decide which email and password to use, recall the last password you used, and deal with password rules which could force you to invent a new password. It just requires a lot of cognitive load to recall, store and remember passwords.

A very good example of using social sign-up is Pinterest:


Here you don't even have to click if you are already logged in to Facebook or Google. The registration is virtually frictionless. As a plus, 67% of your consumers are more likely to return to your website because you don't force them to create username or password. Social sign up also increases user engagement.


The most popular social login options are Facebook and Google. In addition, there is a comprehensive study outlining the most popular social sign up options by business vertical.

Conclusion

Among the other proposed methods for reducing user registration pains we should consider social sign-up, as it shows promising results. It requires considerably less effort to sign up, and increases the engagement of your returning users.

Kristiyan Lukanov
  • Please, don't make these services the only option. I'm a happy email-and-password user myself, and I don't want to connect any other accounts (and in fact, I have no accounts on places supporting this). – SilverWolf Oct 16 '18 at 02:45
  • @SilverWolf I didn't mean social sign-up only. – Kristiyan Lukanov Oct 16 '18 at 06:58
  • Sorry, wasn't trying to say you did. Just leaving this here in case someone else saw your answer and thought "Gee, that sounds great! Let's remove email and password, because nobody uses it!" – SilverWolf Oct 16 '18 at 11:29
  • Facebook is bad enough, but using it to log in everywhere is a security risk that needs to be managed. – George M Reinstate Monica Oct 18 '18 at 18:30

There is a whole new approach, based on the Ethereum Blockchain.

It is called "Universal Logins". The base idea is to create a key pair and deploy a contract on the Ethereum Blockchain that accepts messages from that public key.

The goal here is not to have the best onboarding experience on the Ethereum ecosystem, but the best login anywhere on the internet. For starters, the currently running code has these advantages:

  • No need to type or remember a password anywhere
  • Instant login in multiple devices
  • No need to download or install anything extra
  • No single server with private data that can be attacked or leaked (but beware of the public data you share on the blockchain)
  • The user can take the account they created in one app and use it to login in another app
  • If the app goes offline, the users can still access their data
  • User is in control

One drawback is that creating the user itself has a cost, since their account is a contract that needs to be deployed.

More Details here: https://medium.com/@avsa/universal-logins-first-demo-1dc8b17a8de7

Blindripper
  • +1 Thanks for your contribution to UXSE. I have looked into some of the concepts in the blockchain space around personal identity and information security and it is certainly full of innovation! – Michael Lai Oct 17 '18 at 03:49
  • 2
    While very technically interesting, I'm not sure this will improve the user-experience for creating a user-account. It has advantages in consistent procedure, but convincing the user to spend the time doing it and to trust the info-sec of the site is the focus of the question as I understand it. – Ruadhan2300 Oct 19 '18 at 13:53
4

1. Highlight the benefits

“You do not need to create an account to make purchases on our site. Simply click Continue to proceed to checkout. To make your future purchases even faster, you can create an account during checkout.”

Source: The $300 Million Button

2. Create a sandbox

When authentication is necessary (i.e. for reading and writing data etc.) offer the user a temporary guest account to try it out and kick the tires in order to make sure it works for them before creating their own permanent account.

3. Hire a doorman

Imagine a Doorman at a fancy apartment building saying "Welcome home Ms. Kimball" and letting you in. Wouldn't it be great if technology could just recognize you while requiring additional things from strangers who want entry?

Apple's FaceID is an example of "Doorman authentication" which may eventually carry over into authenticating online. This would virtually eliminate the need to create accounts and remember passwords all over the place while introducing some other problems such as one person filling the role of multiple users.

Further explained in the answer below...

4. Trust is hard to gain and easy to lose

Storing personal things about a user without their knowledge will erode trust. Don't store personally identifiable information without first asking permission.

DaveAlger
3

Patterns Without Accounts

It is possible to create a rich user experience without forcing users to create an account. Three prominent examples: PUBG Mobile, Imgur, Microsoft Office.

Guest Accounts: PUBG Mobile offers guest accounts. Users are identified by a globally unique identifier and are able to progress through the full gameplay experience. Accounts are opt-in and provide a better experience by unlocking multi-device syncing and cloud backup. If a user invests enough time in PUBG Mobile to require those features, they’re likely to want an account (vs feeling forced). I don’t know if in-app purchases can be made without an account. Personal anecdote: I tried PUBG Mobile instead of Fortnite (account required) because PUBG made it easy to start playing without an account.

Throwaway Accounts: Imgur allows anonymous uploads. I don’t think they can be edited once the browser session ends. Additional community features open up to people who choose to create accounts (it seems like they may be gradually shifting to requiring accounts as usage grows, but I don’t use it enough to know for sure).

Data Files: Microsoft Office provides tools for interacting with data, but stores the data on the user’s computer. The Microsoft 365 version of Excel adds syncing and other cloud features in exchange for creating an account. A number of applications implement this approach by storing documents in a user’s Dropbox account rather than on their computer.

Matchmaking: I’m unaware of a notable example, but WebRTC chat apps offer a less common example, which is that a user can go to the site, generate a one time token, then provide that token to someone else to initiate a chat. The token may or may not persist beyond a single use.

I hope the above help you to think of some ways you might be able to let people use your app without an account. As these examples show it is possible to defer account creation until users demand an account from you (or even forever).

Michael Hogan
  • I encountered a craft supply website last year with ephemeral accounts. You could opt to sign in or continue without sign in. Without sign in no user information required to make it to the checkout, then during the checkout process your payment, email, and shipping info was taken but you were never given a username and password to the site. Only the specifically required info was taken and only at the time it was required. I really appreciated how smooth the process was. – Myles Oct 19 '18 at 14:47
3

To the premise: business absolutely wants users to create an account, e.g. to hold personal information or some such.

It's how you collect the information that matters.

Passive registration allows you to collect the data as part of a purchase procedure without the user being burdened by creating an account. At the end of a purchase the user can be asked if they want an account created based on information they have voluntarily supplied.

If the user chooses to create an account: you have fulfilled the business need without forced registration.

If the user chooses not to create an account: you probably break GDPR, and the user wouldn't have gone through a forced registration anyway.

colmcq
2

Assumption:
This is about e-commerce shopping sites.
SaaS products usually require an account before any meaningful work can begin.

Dump the misconception

First, let's get rid of the biggest misconception in this discussion (not just here, but across the e-comm and usability industries):

Security is not the issue

Think about it: Whether I create an account or not, I'm going to authorize you to collect payment from me somehow. That's the biggest security risk in the whole transaction and there's no way around it. PayPal and other similar third party handlers have tried to mitigate that risk to a large extent, but I'm still going to have to connect you to that service somehow.

Account saturation is the problem

When a user is confronted with the need to create yet another account, they immediately think about all the other accounts they already have rattling around in their head. Most people don't use password managers, so the thought of adding another account to the pile just to complete a purchase is exhausting, annoying, and sometimes overwhelming.

Make account creation optional

This is the first step toward a healthier check-out funnel. No matter how easy (or secure) you make your account creation, some people just don't want to bother. And you don't need them to. Just let them roll through check-out entering all the necessary information for shipping and billing and don't ask for anything more.

Let the user join at the end of checkout

Put on your reality glasses: The user provided almost everything needed for an account during check-out! Most of the time, the only missing piece is a password (or social account connection).

If you explain the benefit to repeat visitors (easy repeat ordering) and deal shoppers (sale notifications) and the fact that you already have almost everything you need, most customers will be happy to fill that last field.

Put the Create my account button and password field right there at the end of checkout, and you'll be surprised how many people who opted out earlier dive right in.

Provide social sign-on

When the whole OAuth thing hit the scene years ago, few people realized how it would change the business. The implication of security was there: keeping your key account details with an org focused on securing them. And that was primarily the value prop.

But when we started running user research on it over time, the biggest takeaway was that users just wanted to think about one sign-in everywhere. The truth is, using your Facebook account to sign in to e-comm sites is, in most cases, less secure than creating a scoped account for a certain site. But users didn't understand or care about that issue; they just wanted fewer accounts to remember!

Providing social sign-on has become a requirement over the years. Not everyone wants it, but most people do. Add that to your end-of-checkout sign-up process and you'll get a lot of new accounts.

plainclothes
-2

No passwords! At all!

I would like to add to the previous, excellent answers that it's possible to create a login site which neither demands nor stores passwords.

Use case

This is what it would look like when the user wants to login on a password-less site...

  1. The user enters his/her email address.
  2. An email with a login link is sent (much like when one resets a password on a traditional site).
  3. The user follows the link.
  4. The website uses the login token in the link to log in the user.
  5. The user is kept logged in for X days. The login link expires after a few minutes.
  6. After X days the user is automatically logged out and needs to log in again.

Basically a "Reset password" function used as login.

Pros

  • No password for the user to remember.
  • No password stored in the server that can be stolen.
  • Can be combined with two-factor-authentication.

Cons

  • A new way to login which the user might not be familiar with.
  • E-mails might be delayed, making a login take longer than desired.
  • Not compatible with password managers.

Further reading

Björn Larsson
  • 3
    This is an awful login experience. There might be delays with message delivery. Message can go to spam. The process pulls user out of context: they were on some web site, they clicked the login link, now they have to go to whatever they use to read their email (it might be just another tab in the browser, but it might be a beast of a program, think Outlook) and click something there. – n0rd Oct 15 '18 at 23:10
  • +1 Thanks for your contribution. Have you seen examples of this that you can share screenshots or mockups to complete the response? I think @n0rd has a point about what the login experience might be to the user, but I think it needs to be weighed against respecting the user's wish not wanting to create accounts. – Michael Lai Oct 16 '18 at 00:14
  • @n0rd Correct! That's one of the cons I've listed. However, the users I've worked with don't consider that a con of any relevance. I guess your experience is different... – Björn Larsson Oct 16 '18 at 06:33
  • @MichaelLai See the top of the article at the first link in "Further reading". – Björn Larsson Oct 16 '18 at 06:33
  • 4
    This is awful for mobile users. I have to open the browser/app, click the login button, switch to the email app and click the link in a way that doesn't make it open inside the email app. It probably is more secure than the email/password combo, but it's a big hassle for the user. –  Oct 16 '18 at 09:42
  • 3
    @Morfildur Isn't that a little bit like saying two-factor-authentication is awful because you need to switch to the code generator app/look at your text messages on the mobile? I get the impression that you are magnifying problems that don't need to be problems. – Björn Larsson Oct 16 '18 at 09:56
  • Wouldn't this also be a security issue vulnerable to replay attacks? Email isn't a secure medium, and URLs are one of the pieces of an HTTP request that get dumped into server logs. – Kenneth K. Oct 16 '18 at 16:18
  • @KennethK. That's true, but it's also true when regarding the "Reset password" functionality sites uses today. Hence, this login method doesn't introduce any new vulnerabilities. – Björn Larsson Oct 17 '18 at 07:46
  • @BjörnLarsson But unless I'm misunderstanding your approach, a password reset link is (typically) only valid for a short period of time or is only valid for one access. This narrows the attack vector. Remembering the login for X days means an attacker has X days to replay the login. – Kenneth K. Oct 17 '18 at 12:42
  • 2
    -1 "No password to be stolen" People couldn't care less if their passwords were stolen, people care because that password protects stuff that they don't want to be accessed. You are still storing information that can be stolen. – user7886229 Oct 17 '18 at 14:09
  • 4
    @BjörnLarsson The user experience of two-factor authentication is awful. I'll generally only tolerate it when the consequences of having the account in question compromised are more awful. – jmbpiano Oct 17 '18 at 15:42
  • @KennethK. The user is kept logged in for X days. The login token however, would only be valid for a short amount of time. Same method as with password resets. – Björn Larsson Oct 18 '18 at 07:38
  • @JBis So you are voting down because you think it's better to keep passwords in a database (albeit hashed and salted) that can be stolen and used to access accounts on other sites? How is removing passwords from the picture a bad thing for you? – Björn Larsson Oct 18 '18 at 07:40
  • 1
    @jmbpiano I get the impression that you have decided to dislike solutions that don't involve passwords. If that's the case, then it will be impossible to have a constructive discussion about password-free solutions, no matter the pros. Please correct me if I've misunderstood you. – Björn Larsson Oct 18 '18 at 07:46
  • @BjörnLarsson As you already know, if salted and hashed properly (which to setup correctly, is extremely easy, which is why it boggles me why multi million/billion $$ companies fail to do it, i am talking to you, T Mobile with your MD5 shit, I digress) there is virtually no chance of getting the password from the hashes. Even if it was possible (or you make the point that many don't implement properly), your point is invalid IMO because you are still storing personal information that's not hashed or protected in anyway. And if they can get access to a pass dB, then they can get an info one. – user7886229 Oct 18 '18 at 10:56
  • While I am not against a password less solution you haven't proposed a better alternative IMO. The cons listed totally outweigh the pros. Pro #1 is a good point, but #2 as explained is invalid, #3 making the user check their email and then their texts for two separate codes is going to be really annoying. (Cons+=My Proposed cons) > Pros. – user7886229 Oct 18 '18 at 10:59
  • Feel free to propose a different password less solution and I would happily change my vote :) I would also be very interested in testing one on my site. – user7886229 Oct 18 '18 at 11:00
  • @BjörnLarsson Are you kidding? I love solutions that don't involve passwords. Give me a fingerprint scanner over a password any day of the week- it's much more convenient and (depending on implementation) just as secure. As for multi-factor authentication schemes, they are, by necessity (and often design) more of a hassle than any single-factor scheme, password or not. My objection is not to password-less authentication. My only objection is to your denial that your scheme is a bad UX because it's no worse than another form of bad UX that people have been known to tolerate. – jmbpiano Oct 18 '18 at 14:39
  • For what it's worth, I have seen services that offer this approach. I believe Slack does it. However, it's in addition to normal username/password login. Also, you are kept logged in indefinitely - with Slack, I don't need to remember the password, as a one-time email sets up the machine for (essentially) the rest of eternity. Otherwise, I'd need to log in 3-4 times in the entirety of me using that account. That said, if I am using multiple devices, it quickly becomes cumbersome. – VLAZ Oct 19 '18 at 08:00
  • By contrast eBay essentially drove me to that with their insane PW policies, so any time I use it, I have to reset my password I can't remember, then be logged in. Since, I also need to re-authenticate basically any time I want to buy something from eBay, so it's more or less a situation of "send me an activation link" as I have to keep resetting the password. It's awful experience and I avoid buying stuff on eBay if I can find an alternative. So, having the option to use activation link could be useful but it's not be all and end all. It also helps if you have non-stupid PW policy. – VLAZ Oct 19 '18 at 08:01
  • 1
    I think some users are over-emphasising the hassle with this approach. On mobiles, an incoming email leads to an alert and so direct access to the mail. Clicking the link in the mail spawns a browser. So after entering your email, you're three clicks away from the logged in state (submit - open email - follow link). Not any less convenient than; fire up PW manager - find PW - copy - return to site - paste. – Oscar Bravo Oct 22 '18 at 07:11
  • This is not a good idea for anything related to money. – allo Oct 22 '18 at 08:02
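The six-step flow in the answer above, and the replay concern raised in the comments, as an added worked example (this is editor-supplied code, not the answer's own implementation or the code at its "Further reading" link). It assumes a hypothetical login URL at example.test and uses in-memory dictionaries in place of the database and an `outbox` list in place of the mail system. The points a practitioner would want to see handled: the server stores only a hash of the link token and of the session id, the link expires after a few minutes and is single-use, and the X-day session is a separate secret from the link, so a URL lifted from a mailbox or a web-server log cannot be replayed into a live session.

```python
from __future__ import annotations

import hashlib
import secrets
import time
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Tuple
from urllib.parse import parse_qs, urlparse

LINK_TTL_SECONDS = 10 * 60          # a login link is valid for a few minutes only
SESSION_TTL_SECONDS = 30 * 86400    # the "X days" the user stays logged in


@dataclass
class PendingLogin:
    email: str
    expires_at: float
    used: bool = False


@dataclass
class Session:
    email: str
    expires_at: float


def _digest(secret: str) -> str:
    # Only the hash of a token or session id is stored server-side, so a dump
    # of the table gives an attacker nothing they can paste into a URL or cookie.
    return hashlib.sha256(secret.encode("utf-8")).hexdigest()


class MagicLinkAuth:
    """In-memory stand-in for the login-link and session tables (assumption)."""

    def __init__(self, base_url: str = "https://example.test/login",  # hypothetical URL
                 now: Callable[[], float] = time.time) -> None:
        self._now = now
        self._base_url = base_url
        self._pending: Dict[str, PendingLogin] = {}
        self._sessions: Dict[str, Session] = {}
        # Stand-in for the mail system: (recipient, link) pairs that were "sent".
        self.outbox: List[Tuple[str, str]] = []

    def request_link(self, email: str) -> None:
        """Steps 1-2: the user typed an address; mail them a one-time link."""
        token = secrets.token_urlsafe(32)  # 256 random bits, unguessable
        self._pending[_digest(token)] = PendingLogin(
            email=email.strip().lower(),
            expires_at=self._now() + LINK_TTL_SECONDS,
        )
        self.outbox.append((email, f"{self._base_url}?token={token}"))

    def redeem(self, token: str) -> Optional[str]:
        """Steps 3-4: the link was followed; return a session id or None.

        Unknown, expired and already-used tokens are rejected alike, so a URL
        copied from a mailbox or a web-server log cannot be replayed.
        """
        pending = self._pending.get(_digest(token))
        if pending is None or pending.used or self._now() > pending.expires_at:
            return None
        pending.used = True  # keep the record marked as spent rather than deleting it
        session_id = secrets.token_urlsafe(32)  # a separate secret from the link token
        self._sessions[_digest(session_id)] = Session(
            email=pending.email,
            expires_at=self._now() + SESSION_TTL_SECONDS,
        )
        return session_id

    def whoami(self, session_id: str) -> Optional[str]:
        """Steps 5-6: resolve a session cookie; None once the X days are up."""
        session = self._sessions.get(_digest(session_id))
        if session is None or self._now() > session.expires_at:
            return None
        return session.email


def token_from_link(link: str) -> str:
    """Extract the token a mail client would send back when the link is clicked."""
    return parse_qs(urlparse(link).query)["token"][0]


if __name__ == "__main__":
    auth = MagicLinkAuth()
    auth.request_link("alice@example.test")  # constructed sample address
    link = auth.outbox[-1][1]
    sid = auth.redeem(token_from_link(link))
    print("logged in as", auth.whoami(sid))
    print("replay of the same link accepted?",
          auth.redeem(token_from_link(link)) is not None)
```

Redeeming the same link twice returns `None` the second time, and a link presented after `LINK_TTL_SECONDS` is refused even though it was never used; only the session id, which never travels through e-mail, is valid for the longer period. Rate-limiting `request_link` per address and per client is still needed in a real deployment to stop the endpoint being used to flood a victim's inbox.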