The Blog

Email address and usernames

Posted by Tim on the 28 May in Copy Writing

During our time developing login systems for sites such as the CMA we’ve run into a few interesting things that effect us all every day, so I want to take a few minutes to talk about one of them.

When we first saw the pre-Design Militia CMA site, it required users to log into the membership area via a username and password.  While we initially evaluated this system and decided to transfer it to the new site, it became clear that while this system had its benefits, it wasn’t right for the CMA.  Let me explain...

The front-end website was only one aspect of our work with the CMA. We also rebuilt the back-end system, including user account management, sales and customer relationship management. As with all our larger projects, we conducted user-research before going about re-designing the system, including user-interviews, stake-holder interviews and observations.

While conducting user interviews with user accounts manager we noticed that much of her time was spent re-sending forgotten login details to the CMA membership. In fact a vast amount of her time was devoted solely to this. Passwords were normally assigned by membership id and to keep the usernames unique, they were created by the process of using the first letter of first name, the last name in full and user-id stuck at the end (example: jblogs1234).

Initially we thought, 'why not allow members to decide their own username and password?' But this was not practical for the CMA, because sign-up wasn’t actually an automated process.  Members have to be reviewed and then invoiced before being allowed access to the site due to the level of exclusivity involved. Once the member is reviewed and has paid - a new user account is created in the back-end and login credentials are then sent to the user via email.

This method of username and password is definitely not the most secure method. The main reason the old system used usernames was to keep them unique and for ease of resending when the user inevitably forget their login details. But based on that argument, surely email addresses are even more unique... and if the email address is already in the system then it's a win/win situation! Okay, so there are some classic arguments against using emails for login, such as:

  1. People may stop using an active email address and then forget it over a period of inactivity
  2. People creating fake email addresses to speed up signup (me [at] me.com)
  3. People have more than one email address

I think that any arguments either for or against email logins need to be addressed within the context of use. With the CMA’s website, members are paying for the service and their email is the means of contact once they have applied for membership. It’s a simple thing to remember for them, since they’ll most likely already know their own email address and don’t have to commit a new login to memory, whether it’s chosen by the site automatically, or by them.

One thing to bear in mind when deciding whether to use username or email address for login is the fundamental reason for it - which is to identify a user within a database. If you can do that with the email address, your users will often thank-you for letting them save their memory for more useful tasks!

Back to blog

  • Digg this post
  • Stumbleupon
  • del-icio-us

Stay Connected

Twitter Feed

Check out 25 Eye-Popping Internet Marketing Stats for 2012 at http://t.co/Gn9p7zSX
15 days ago

RSS Feed

Blog Feed
Twitter Freed

Design Militia Flickr

View our photo stream.

Hire us for your next project

Pick up the phone or send us an email to discuss your project requirements whether you're a sole trader, small business or multi-national company.

Find out more