Login Options: email or username?
Moderator: General Moderators
Login Options: email or username?
Can anyone share with me their reasoning or experince with the following:
In designing a login script is there an advantage to requiring the user to supply an email address as their login identifier verses a user name?
When the user's email is the validation field I know that email addresses change and a more complex ereg is required but email addresses are seldom forgotten.
I know that when a user name is supplied they are easier to validate but they are often forgotten.
Can you tell me which you use (or perhaps a different validation field) and why?
Thank you for your experience!
In designing a login script is there an advantage to requiring the user to supply an email address as their login identifier verses a user name?
When the user's email is the validation field I know that email addresses change and a more complex ereg is required but email addresses are seldom forgotten.
I know that when a user name is supplied they are easier to validate but they are often forgotten.
Can you tell me which you use (or perhaps a different validation field) and why?
Thank you for your experience!
- Maugrim_The_Reaper
- DevNet Master
- Posts: 2704
- Joined: Tue Nov 02, 2004 5:43 am
- Location: Ireland
Re: Login Options: email or username?
I've used both as the identifier: The username, and the email.mhakes wrote:In designing a login script is there an advantage to requiring the user to supply an email address as their login identifier verses a user name?
...
Can you tell me which you use (or perhaps a different validation field) and why?
We switched away from the email because the application was exposing the email address of users in one area. We could have fixed that (and later did), but it seemed 'better' to change to username.
Later, we switched back to email when we needed a multi-game login system, where the usernames might be different in different games, but email would be consistent.
However, I didn't use either as their validation. I send users a confirmation code via email for validation. Thats in addition to the player-chosen password. That way, they have something they remember (password), and if they forget that, they have something they can receive (c_code) at their established email address.
email verses username
i am sure said:
I like that idea. Thank you.However, I didn't use either as their validation. I send users a confirmation code via email for validation. Thats in addition to the player-chosen password. That way, they have something they remember (password), and if they forget that, they have something they can receive (c_code) at their established email address.
It depends on the type of site. If it is a community type site I would say a logon id as people dont always want to share email addresses. If it is anything else then the email address works just fine. When a new persion registers I still create a unique id and use that throughout the site as the key for the user. This way if the user does change their email it is much easier to do.
- Maugrim_The_Reaper
- DevNet Master
- Posts: 2704
- Joined: Tue Nov 02, 2004 5:43 am
- Location: Ireland
Not sure what you mean - but using an email address as a username for login purposes does not necessitate it being used as the "Handle" name for community sites (i.e. what's displayed as a name in forums/webpages). Email addresses should never ever be revealed to anyone else on the same site unless the user has specifically opted in to do so.It depends on the type of site. If it is a community type site I would say a logon id as people dont always want to share email addresses. If it is anything else then the email address works just fine. When a new persion registers I still create a unique id and use that throughout the site as the key for the user. This way if the user does change their email it is much easier to do.
If you are going to have a 'handle' (in a forum) then it has to be unique so what is the point of logging in with an email address when you can just login with your unique 'handle'? This is probably why most forums have you login with a handle and not an email address.Maugrim_The_Reaper wrote:Not sure what you mean - but using an email address as a username for login purposes does not necessitate it being used as the "Handle" name for community sites (i.e. what's displayed as a name in forums/webpages). Email addresses should never ever be revealed to anyone else on the same site unless the user has specifically opted in to do so.It depends on the type of site. If it is a community type site I would say a logon id as people dont always want to share email addresses. If it is anything else then the email address works just fine. When a new persion registers I still create a unique id and use that throughout the site as the key for the user. This way if the user does change their email it is much easier to do.
IMO I like it better if I have the flexibility to use whatever I like however using an email address as username could be a problem and nightmares.
e.g. Someone signs up with e.g. peter@yahoo.com. He cancels that account with yahoo and one of the trizillion other Peters grabs it. He then signs up with you and gets told he is already a member. A nightmare to think about all possible scenarios that can get wrong.
Even if it is not likly to happen I don't like the idea of a design that works on the pure chance something like this never happens.
e.g. Someone signs up with e.g. peter@yahoo.com. He cancels that account with yahoo and one of the trizillion other Peters grabs it. He then signs up with you and gets told he is already a member. A nightmare to think about all possible scenarios that can get wrong.
Even if it is not likly to happen I don't like the idea of a design that works on the pure chance something like this never happens.
- Maugrim_The_Reaper
- DevNet Master
- Posts: 2704
- Joined: Tue Nov 02, 2004 5:43 am
- Location: Ireland
Very littleIf you are going to have a 'handle' (in a forum) then it has to be unique so what is the point of logging in with an email address when you can just login with your unique 'handle'? This is probably why most forums have you login with a handle and not an email address.
Would happen anyway in most cases - most signups require an email address to send password recovery emails when needed by the user. And such emails are nearly always validated (almost all - some don't bother). If someone did ever cancel an email account - may cause issues, but that seems a rare event.e.g. Someone signs up with e.g. peter@yahoo.com. He cancels that account with yahoo and one of the trizillion other Peters grabs it. He then signs up with you and gets told he is already a member. A nightmare to think about all possible scenarios that can get wrong.
There being exceptions to all rules - I suspect the user would have to use an alternate email or contact the administrator.