Iyfjky

Question

Trust and personal information security are very important issues these days when it comes to online accounts, so it is not unusual for people not wanting to create an account (i.e. provide personal information) when making purchases or requesting information.

So it would seem like most cases when users are forced to do so it is due to a business or technical rather than user requirement.

So the question is: what are the design patterns or techniques that creates a smoother user experience when forcing users to sign up or create an account? Bonus points if these techniques are actually ethical design practices as well!

Who's to say we need to require people to create an account when making purchases? — 2 days ago
You can use something like Stripe and even manage them as customers through the api. — 2 days ago
Unless customers are buying content say like Netflix , I see no need to ever require creating an account. If I ever come across a site that requires that I sign in, I skip it and go somewhere else. — yesterday
@ESR: But that's assuming that you are going to be making repeat purchases, and frequently enough so that info like credit card numbers/expirations (or even your address) are going to stay current between them. This isn't always the case. — yesterday
forceing users to make an account is missing from the title, the obvious answer to which is: don't. — 14 hours ago

User42 1155 · Answer 1 · 2018-10-16 15:44:07Z

Interesting question. To answer it I think we have to understand what's frustrating to users and then provide some alternate ways of doing things.

Also remember, if you don't need the user to create an account then don't make them!

Lengthy Forms

Users may find it frustrating to fill out a bunch of information in many different input fields. Especially when most of the information isn't going to be used. Try to only collect information you absolutely need and try to collect it in the most efficient way possible. Allow the user to take many shortcuts. While it may take more time and be quite annoying to include these shortcuts, it will make UE much better. For example, if an address field needs to be filled out, instead of making the user type their full address, city, state, country, zip code, etc. have the form automatically search as the user types in the address and fill in the information automatically. Also, have common domains autofill for emails (@gmail.com, @hotmail.com, 65+? @aol.com).

Passwords, passwords, passwords

This is a big one. Nobody likes passwords, nobody can remember passwords, and everyone hates them. Their approval rating is literally 0%. But, unfortunately, we need some way to authenticate a user. So, simplify this as best you can. Don't put extreme requirements (7.5 characters (Yeah you gotta figure out how to type 0.5 of a character), Uppercase, lowercase, numbers, can't have consecutive numbers, must include a Chinese character, etc.) these are extremely annoying to users and many will screw it up a bunch of times before getting it correct. Also, that isn't the best security practice either.

Allowing the user the option to login with another service (Google, Facebook, etc.) is a good option.

Additionally, when you sign up, you should automatically be signed in. Countless websites do this stupid thing where you signup and then are forced to retype your email, username, password just to sign back in.

Lastly, if the user does screw something up, don't clear everything out making the user retype all their information (ehem client side validation).

Verification

Many websites will require verification in some form of a text or an email. Many times emails will be delayed making the user wait extended periods of time. Allow the user to continue with what they were doing BEFORE verification. Make the last step confirming the email/text, giving time for the user to receive it.

Spamming my email

Simple: Don't do it. If the user wants to buy your product they will go to your site and purchase it, you don't need to send them constant reminders "[RANDOM ITEM THE USER DOESN'T WANT] 50% OFF LIMITED TIME". If you want to send the user emails about discounts have the user tell you they want that. Either have a subscribe button on item pages or something else.

Don't share their information

Don't be Facebook.

"Countless website do this stupid thing where you signup and then are forced to retype your email, username, password just to sign back in." or they don't redirect you to the page you were previously on before having logged in. This is UX 101. — 2 days ago
@ESR Grrrr. Talking about that I was on a site where I was create a an e-card. Wrote my entire letter and designed it. Told me to sign up to send it, so I did. And it redirected me to home page. I had to recreate the entire card. — 2 days ago
Site-managed autocomplete for anything besides physical-address lookup is likely to be a UX disaster. Properly specifying input type and autocomplete attributes is substantially friendlier. — 2 days ago
Re autofill: No, NO, NO! Unless it's something like automatically looking up the state from the ZIP code, few things are more annoying. — yesterday

WELZ 103114 · Answer 2 · 2018-10-15 01:56:12Z

Single Sign-On

Heavily utilize SSO services.

Add as much support for as many platforms as possible. Even though this is time consuming and compatibility issues increase as you increase the number you support, look at it like you are supporting more platforms (Android, iOS, Windows, Linux) because odds are the user will have one type of single sign on account that they regularly use.

Generate Passwords By Default

Another practice I've seen is generating the password for the user while still giving them the option to change the password if wanted. If the user wants to come back, then they'll write it down or change it. Odds are if they don't, it won't even bother them. You have their email, and if they want to get a password reset it would already be as easy as having access to their email/phone in most situations, so there is no actual loss of security as long as the password is generated correctly and sent of HTTPS.

Don't Ask Them for A Username

Lastly, don't make them come up with a username and email, one is enough.

If you follow all of these, you'll just need to make the purchase form ask for their first, last name (etc). This will allow for the creation of an account to happen almost transparently, and the user, beyond accepting the terms and conditions and clicking create, will not be hassled. One could even argue that the account is more securely created when the user doesn't have to create their own password, as they will not be prone to reuse a password from another site.

+1 I guess this works when there is a 'trusted' network of sites that the user is comfortable with exchanging or sharing information on. However, if the user wants to remain anonymous then what would be the best strategy? And will the users be fully aware of the implications of providing such information of SSO? — 2 days ago
don't make them come up with a username and email, one is enough I'd even say that username isn't always needed. If it's not going to be displayed (e.g., having public posting), then an email is enough. Users usually remember their email, so they don't need to remember another identification. If there is a need for username, by the gods, don't make it set in stone at the time of account creation. There is no real reason to. — 2 days ago
For what it's worth I refuse to use SSOs (e.g., Google, Facebook, etc.) to login or create an account on any website. You'll get my junk email address, nothing more. — yesterday
@DavidKamer I have yet to find a service compelling enough for me to create a junk SSO account. — yesterday
@DavidKamer but if you already have a gmail account signed in to google services that you do want, setting up a junk gmail account for SSO is one misclick away from linking your primary (and potentially very personal) online ID. I use google/SSO for a few things that started via Android so it was almost necessary (e.g. Strava) but otherwise an email address I control — 17 hours ago

usul 4213 · Answer 3 · 2018-10-15 04:45:03Z

I'm sorry for the presumption since I know nothing about your use case, but I'll be the one to say it: don't force them to make an account. Just don't. Users can understand when making an account is necessary. If they expect to use your site without an account, then either you've confused them about what the site does or it's probably possible.

That strong opinion stated, there are some options that work essentially like an account, but don't feel to the user like they've created an account. After an interaction, you can email them a unique link or code (for example inside a "confirmation" email). They can use that link or code to access relevant information in the future (e.g. shipping information). Another thing you can do, though I haven't seen it in the wild, is offer a "retrieve my info" page where they enter an email address and the link/code gets resent to them. Basically this is like logging in via a password reset email every time they visit the site.

Where is the line between the above tactic and creating an account? I would view this as ethical as long as you do not collect and store information about them or personalize their experience. If a user has not "signed up for an account" then I think they have some expectation of privacy regarding what is being collected and associated with their email address.

1st paragraph, +1. But if you have my email then I'm essentially already signed up. If it's a fake email, what was the point? That most people are idiots and will use their real email? You have my permission to presume all you want because this question belongs on IPS; it's a people problem, not a computer problem, and besides that it has a duplicitous title. — 9 hours ago
@Mazura, I definitely see where you're coming from. A more polite way of putting it is probably: if a user might rationally prefer to give a fake email, then providing an email and/or making an account should absolutely be optional. In the rest of my post I'm assuming the user has some good/useful reason for giving their email. — 7 hours ago

UX Labs 1,1271717 · Answer 4 · 2018-10-15 01:17:20Z

Thought you'd never ask, here are 4 things to look at:

1.Is the user ACTUALLY REQUIRED to create an account?

Many product managers/designers fail to ask themselves this important question, it has become one of the largest trends that every digital product out there needs to identify its users, while it's true we are much more able to achieve things when users create an account, it has to be a conscious decision rather than the intuitive ofcourse. By forcing everyone to create an account you are making an authority bet, which in many cases you lose.

2.Ask only for the relevant information
When the user is creating an account, the user has something in mind, a need to use your product/a task to be achieved, this requirement is merely an interruption to what the user is seeking, it's crucial that we keep the amount of user input as minimal as possible.

3.Ask for the right information at the right time
Imagine having to do your lifetime laundry at once, not so fun instead we prefer to do them on a weekly basis, user input is a similar case on a much smaller scale - considering the exaggeration it's more like microscopic scale. but! it gives the same effect.

Rather than asking for the address at the registration before even trying your product ask it on the checkout, or the more important one should the user register before using your product or at the very end of it.

PS: This is mistake is common at the hands of fullstack developers since if the mindset used for designing the database is the same as designing the forms, lord's mercy.. the poor user..

4.Simplify the User Input
Go as creative as it gets with this one because there are so many ways to approach it a couple of examples:

4.1. Single Sign On, the one click registration

4.2. Fill the form on behalf of the user and let the user correct it-when possible-

I'm sure many of us here know we can guess the country from the IP address, what else can we guess is michael.lai@some-email.com implying First Name Michael & Last Name Lai?

4.3. Question the fields you're asking for, it reflects on the interaction pattern, do i need to ask for the full birthday? or am i only concerned in knowing the user is over 13 years old? the difference is Date Field vs Checkbox i guess you know how much that is in user time/frustration.

4.4. Field grouping and sequence, reflect the user mental model.

4.5 Don't exaggerate password complexity (unless you have a good reason)

and the list goes on..

+1 nice breakdown of some very relevant issues and well explained. Any good screenshots or examples to go with it? :) — 2 days ago
do i need to ask for the full birthday? perhaps it's some sort of statistical anomaly but a lot of services that ask for that information attract disproportionate amount of people born on the 1st of January. — 2 days ago
+1 plus tell the user the advantages to them of having an account with you. If you can't come up with any advantages, don't demand an account. — 22 hours ago

Martyn 1,377417 · Answer 5 · 2018-10-15 05:58:52Z

As you mention online purchases, the best is to let people checkout without needing to creating an account. They still have to fill out tons of details for their delivery, just ask them at the end if they want to create an account so they can check on their order easier.

Doing this, you ask it at the right time, when there is a benefit for the user.

And if they do, auto-populate as much information as you can from the order they just placed (don't ask for their address again). — yesterday

Kristiyan Lukanov 10.6k32356 · Answer 6 · 2018-10-15 07:14:49Z

Use Social Sign Up

You are right creating a new account requires considerable effort and 86% of surveyed people report being bothered by it. However, it has been found that social sign up increases conversion rates by around 52%.

It is not hard to explain why. Social signup requires only one click and you're in. Compared to the traditional way where you need to decide which email and password to use, recall the last password you used, and deal with password rules which could force you to invent new password. It just requires a lot of cognitive load to recall, store and remember passwords.

A very good example of using social sign up is Pinterest

enter image description here

Here you don't even have to click if you are already logged in to Facebook or Google. The registration is virtually frictionless. As a plus, 67% of your consumers are more likely to return to your website because you don't force them to create username or password. Social sign up also increases user engagement.

enter image description here

The most popular social login options are Facebook and Google.
In addition, there is a comprehensive study outlining the most popular social sign up options by business vertical.

Conclusion

Among the other proposed methods for reducing user registration pains we should consider social sign up as it shows promising results. It requires considerably less effort to sign up, and increases the user engagement or your returning users.

Please, don't make these services the only option. I'm a happy email-and-password user myself, and I don't want to connect any other accounts (and in fact, I have no accounts on places supporting this). — yesterday
Sorry, wasn't trying to say you did. Just leaving this here in case someone else saw your answer and thought "Gee, that sounds great! Let's remove email and password, because nobody uses it!" — 21 hours ago

score 2 · Answer 7 · 2018-10-16 18:27:00Z

1. Highlight the benefits

Ã¢Â€ÂœYou do not need to create an account to make purchases on our site. Simply click Continue to proceed to checkout. To make your future purchases even faster, you can create an account during checkout.Ã¢Â€Â

Source: The $300 Million Button

2. Create a sandbox

When authentication is necessary (i.e. for reading and writing data etc.) offer the user a temporary guest account to try it out and kick the tires in order to make sure it works for them before creating their own permanent account.

3. Hire a doorman

Imagine a Doorman at a fancy apartment building saying "Welcome home Ms. Kimball" and letting you in. Wouldn't it be great if technology could just recognize you while requiring additional things from strangers who want entry?

Apple's FaceID is an example of "Doorman authentication" which may eventually carry over into authenticating online. This would virtually eliminate the need to create accounts and remember passwords all over the place while introducing some other problems such as one person filling the role of multiple users.

Further explained in the answer below...

Should users be allowed to use any special character they want when creating a password?

4. Trust is hard to gain and easy to lose

Storing personal things about a user without their knowledge will erode trust. Don't store personally identifiable information without first asking permission.

Sascha 211 · Answer 8 · 2018-10-16 21:28:13Z

There is a whole new approach, based on the Ethereum Blockchain.

It is called "Universal Logins". The base idea is to create a key pair and deploy a contract on the Ethereum Blockchain that accepts messages from that public key.

The goal here is not to have the best onboarding experience on the ethereum ecosystem, but the best login anywhere on the internet. For starters the current running code has these advantadges:

No need to type or remember a password anywhere

Instant login in multiple devices

No need to download or install anything extra

No single server with private data that can be attacked or leaked
(but beware of the public data you share on the blockchain)

The user can take the account they created in one app and use it to
login in another app

If the app goes offline, the users can still access their data

User is in control

Drawbacks are, creating the user itself has a cost, since their account is a contract that needs to be deployed.

More Details here: https://medium.com/@avsa/universal-logins-first-demo-1dc8b17a8de7

+1 Thanks for your contribution to UXSE. I have looked into some of the concepts in the blockchain space around personal identity and information security and it is certainly full of innovation! — 5 hours ago

score 1 · Answer 9 · 2018-10-17 02:37:22Z

Patterns Without Accounts

It is possible to create a rich user experience without forcing users to create an account. Three prominent examples: PUBG Mobile, Imgur, Microsoft Office.

Guest Accounts: PUBG Mobile offers guest accounts. Users are identified by a globally unique identifier and are able to progress through the full gameplay experience. Accounts are opt-in and provide a better experience by unlocking multi-device syncing and cloud backup. If a user invests enough time in PUBG Mobile to require those features, theyÃ¢Â€Â™re likely to want an account (vs feeling forced). I donÃ¢Â€Â™t know if in-app purchases can be made without an account. Personal anecdote: I tried PUBG Mobile instead of Fortnite (account required) because PUBG made it easy to start playing without an account.

Throwaway Accounts: Imgur allows anonymous uploads. I donÃ¢Â€Â™t think they can be edited once the browser session ends. Additional community features open up to people who choose to create accounts (it seems like they may be gradually shifting to requiring accounts as usage grows, but I donÃ¢Â€Â™t use it enough to know for sure).

Data Files: Microsoft Office provides tools for interacting with data, but stores the data on the userÃ¢Â€Â™s computer. The Microsoft 365 version of Excel adds syncing and other cloud features in exchange for creating an account. A number of applications implement this approach by storing documents in a userÃ¢Â€Â™s Dropbox account rather than on their computer.

Matchmaking: IÃ¢Â€Â™m unaware of a notable example, but WebRTC chat apps offer a less common example, which is that a user can go to the site, generate a one time token, then provide that token to someone else to initiate a chat. The token may or may not persist beyond a single use.

I hope the above help you to think of some ways you might be able to let people use your app without an account. As these examples show it is possible to defer account creation until users demand an account from you (or even forever).

+1 some nice options here :)
â€“Â Michael Laiâ™¦
5 hours ago — 5 hours ago

score 0 · Answer 10 · 2018-10-15 15:14:52Z

No passwords! At all!

I would like to add to previous, excellent answers that it's possible to create a login-site which neither demands nor store passwords.

Use case

This is what it would look like when the user wants to login on a password-less site...

The user enters his/her email adress.

An email with a login link is sent (much like when one resets a password on a traditional site).

The user follows the link.

The website uses the login token in the link to login the user.

The login is remembered for X days.

After X days the user is automatically logged out and need to login again.

Basically a "Reset password" function used as login.

Pros

No password for the user to remember.

No password stored in the server that can be stolen.

Can be combined with two-factor-authentication.

Cons

A new way to login which the user might not be familiar with.

E-mails might be delayed making a login taking longer than desired.

Not compatible with password managers.

Single Sign-On

Heavily utilize SSO services.

Add as much support for as many platforms as possible. Even though this is time consuming and compatibility issues increase as you increase the number you support, look at it like you are supporting more platforms (Android, iOS, Windows, Linux) because odds are the user will have one type of single sign on account that they regularly use.

Generate Passwords By Default

Another practice I've seen is generating the password for the user while still giving them the option to change the password if wanted. If the user wants to come back, then they'll write it down or change it. Odds are if they don't, it won't even bother them. You have their email, and if they want to get a password reset it would already be as easy as having access to their email/phone in most situations, so there is no actual loss of security as long as the password is generated correctly and sent of HTTPS.

Don't Ask Them for A Username

Lastly, don't make them come up with a username and email, one is enough.

If you follow all of these, you'll just need to make the purchase form ask for their first, last name (etc). This will allow for the creation of an account to happen almost transparently, and the user, beyond accepting the terms and conditions and clicking create, will not be hassled. One could even argue that the account is more securely created when the user doesn't have to create their own password, as they will not be prone to reuse a password from another site.

+1 I guess this works when there is a 'trusted' network of sites that the user is comfortable with exchanging or sharing information on. However, if the user wants to remain anonymous then what would be the best strategy? And will the users be fully aware of the implications of providing such information of SSO? — 2 days ago
don't make them come up with a username and email, one is enough I'd even say that username isn't always needed. If it's not going to be displayed (e.g., having public posting), then an email is enough. Users usually remember their email, so they don't need to remember another identification. If there is a need for username, by the gods, don't make it set in stone at the time of account creation. There is no real reason to. — 2 days ago
For what it's worth I refuse to use SSOs (e.g., Google, Facebook, etc.) to login or create an account on any website. You'll get my junk email address, nothing more. — yesterday
@DavidKamer I have yet to find a service compelling enough for me to create a junk SSO account. — yesterday
@DavidKamer but if you already have a gmail account signed in to google services that you do want, setting up a junk gmail account for SSO is one misclick away from linking your primary (and potentially very personal) online ID. I use google/SSO for a few things that started via Android so it was almost necessary (e.g. Strava) but otherwise an email address I control — 17 hours ago

usul 4213 · Answer 13 · 2018-10-15 04:45:03Z

I'm sorry for the presumption since I know nothing about your use case, but I'll be the one to say it: don't force them to make an account. Just don't. Users can understand when making an account is necessary. If they expect to use your site without an account, then either you've confused them about what the site does or it's probably possible.

That strong opinion stated, there are some options that work essentially like an account, but don't feel to the user like they've created an account. After an interaction, you can email them a unique link or code (for example inside a "confirmation" email). They can use that link or code to access relevant information in the future (e.g. shipping information). Another thing you can do, though I haven't seen it in the wild, is offer a "retrieve my info" page where they enter an email address and the link/code gets resent to them. Basically this is like logging in via a password reset email every time they visit the site.

Where is the line between the above tactic and creating an account? I would view this as ethical as long as you do not collect and store information about them or personalize their experience. If a user has not "signed up for an account" then I think they have some expectation of privacy regarding what is being collected and associated with their email address.

1st paragraph, +1. But if you have my email then I'm essentially already signed up. If it's a fake email, what was the point? That most people are idiots and will use their real email? You have my permission to presume all you want because this question belongs on IPS; it's a people problem, not a computer problem, and besides that it has a duplicitous title. — 9 hours ago
@Mazura, I definitely see where you're coming from. A more polite way of putting it is probably: if a user might rationally prefer to give a fake email, then providing an email and/or making an account should absolutely be optional. In the rest of my post I'm assuming the user has some good/useful reason for giving their email. — 7 hours ago

UX Labs 1,1271717 · Answer 14 · 2018-10-15 01:17:20Z

Thought you'd never ask, here are 4 things to look at:

1.Is the user ACTUALLY REQUIRED to create an account?

Many product managers/designers fail to ask themselves this important question, it has become one of the largest trends that every digital product out there needs to identify its users, while it's true we are much more able to achieve things when users create an account, it has to be a conscious decision rather than the intuitive ofcourse. By forcing everyone to create an account you are making an authority bet, which in many cases you lose.

2.Ask only for the relevant information
When the user is creating an account, the user has something in mind, a need to use your product/a task to be achieved, this requirement is merely an interruption to what the user is seeking, it's crucial that we keep the amount of user input as minimal as possible.

3.Ask for the right information at the right time
Imagine having to do your lifetime laundry at once, not so fun instead we prefer to do them on a weekly basis, user input is a similar case on a much smaller scale - considering the exaggeration it's more like microscopic scale. but! it gives the same effect.

Rather than asking for the address at the registration before even trying your product ask it on the checkout, or the more important one should the user register before using your product or at the very end of it.

PS: This is mistake is common at the hands of fullstack developers since if the mindset used for designing the database is the same as designing the forms, lord's mercy.. the poor user..

4.Simplify the User Input
Go as creative as it gets with this one because there are so many ways to approach it a couple of examples:

4.1. Single Sign On, the one click registration

4.2. Fill the form on behalf of the user and let the user correct it-when possible-

I'm sure many of us here know we can guess the country from the IP address, what else can we guess is michael.lai@some-email.com implying First Name Michael & Last Name Lai?

4.3. Question the fields you're asking for, it reflects on the interaction pattern, do i need to ask for the full birthday? or am i only concerned in knowing the user is over 13 years old? the difference is Date Field vs Checkbox i guess you know how much that is in user time/frustration.

4.4. Field grouping and sequence, reflect the user mental model.

4.5 Don't exaggerate password complexity (unless you have a good reason)

and the list goes on..

+1 nice breakdown of some very relevant issues and well explained. Any good screenshots or examples to go with it? :) — 2 days ago
do i need to ask for the full birthday? perhaps it's some sort of statistical anomaly but a lot of services that ask for that information attract disproportionate amount of people born on the 1st of January. — 2 days ago
+1 plus tell the user the advantages to them of having an account with you. If you can't come up with any advantages, don't demand an account. — 22 hours ago

Martyn 1,377417 · Answer 15 · 2018-10-15 05:58:52Z

As you mention online purchases, the best is to let people checkout without needing to creating an account. They still have to fill out tons of details for their delivery, just ask them at the end if they want to create an account so they can check on their order easier.

Doing this, you ask it at the right time, when there is a benefit for the user.

And if they do, auto-populate as much information as you can from the order they just placed (don't ask for their address again). — yesterday

Kristiyan Lukanov 10.6k32356 · Answer 16 · 2018-10-15 07:14:49Z

Use Social Sign Up

You are right creating a new account requires considerable effort and 86% of surveyed people report being bothered by it. However, it has been found that social sign up increases conversion rates by around 52%.

It is not hard to explain why. Social signup requires only one click and you're in. Compared to the traditional way where you need to decide which email and password to use, recall the last password you used, and deal with password rules which could force you to invent new password. It just requires a lot of cognitive load to recall, store and remember passwords.

A very good example of using social sign up is Pinterest

enter image description here

Here you don't even have to click if you are already logged in to Facebook or Google. The registration is virtually frictionless. As a plus, 67% of your consumers are more likely to return to your website because you don't force them to create username or password. Social sign up also increases user engagement.

enter image description here

The most popular social login options are Facebook and Google.
In addition, there is a comprehensive study outlining the most popular social sign up options by business vertical.

Conclusion

Among the other proposed methods for reducing user registration pains we should consider social sign up as it shows promising results. It requires considerably less effort to sign up, and increases the user engagement or your returning users.

Please, don't make these services the only option. I'm a happy email-and-password user myself, and I don't want to connect any other accounts (and in fact, I have no accounts on places supporting this). — yesterday
Sorry, wasn't trying to say you did. Just leaving this here in case someone else saw your answer and thought "Gee, that sounds great! Let's remove email and password, because nobody uses it!" — 21 hours ago

score 2 · Answer 17 · 2018-10-16 18:27:00Z

1. Highlight the benefits

Ã¢Â€ÂœYou do not need to create an account to make purchases on our site. Simply click Continue to proceed to checkout. To make your future purchases even faster, you can create an account during checkout.Ã¢Â€Â

Source: The $300 Million Button

2. Create a sandbox

When authentication is necessary (i.e. for reading and writing data etc.) offer the user a temporary guest account to try it out and kick the tires in order to make sure it works for them before creating their own permanent account.

3. Hire a doorman

Imagine a Doorman at a fancy apartment building saying "Welcome home Ms. Kimball" and letting you in. Wouldn't it be great if technology could just recognize you while requiring additional things from strangers who want entry?

Apple's FaceID is an example of "Doorman authentication" which may eventually carry over into authenticating online. This would virtually eliminate the need to create accounts and remember passwords all over the place while introducing some other problems such as one person filling the role of multiple users.

Further explained in the answer below...

Should users be allowed to use any special character they want when creating a password?

4. Trust is hard to gain and easy to lose

Storing personal things about a user without their knowledge will erode trust. Don't store personally identifiable information without first asking permission.

Sascha 211 · Answer 18 · 2018-10-16 21:28:13Z

There is a whole new approach, based on the Ethereum Blockchain.

It is called "Universal Logins". The base idea is to create a key pair and deploy a contract on the Ethereum Blockchain that accepts messages from that public key.

The goal here is not to have the best onboarding experience on the ethereum ecosystem, but the best login anywhere on the internet. For starters the current running code has these advantadges:

No need to type or remember a password anywhere

Instant login in multiple devices

No need to download or install anything extra

No single server with private data that can be attacked or leaked
(but beware of the public data you share on the blockchain)

The user can take the account they created in one app and use it to
login in another app

If the app goes offline, the users can still access their data

User is in control

Drawbacks are, creating the user itself has a cost, since their account is a contract that needs to be deployed.

More Details here: https://medium.com/@avsa/universal-logins-first-demo-1dc8b17a8de7

+1 Thanks for your contribution to UXSE. I have looked into some of the concepts in the blockchain space around personal identity and information security and it is certainly full of innovation! — 5 hours ago

score 1 · Answer 19 · 2018-10-17 02:37:22Z

Patterns Without Accounts

It is possible to create a rich user experience without forcing users to create an account. Three prominent examples: PUBG Mobile, Imgur, Microsoft Office.

Guest Accounts: PUBG Mobile offers guest accounts. Users are identified by a globally unique identifier and are able to progress through the full gameplay experience. Accounts are opt-in and provide a better experience by unlocking multi-device syncing and cloud backup. If a user invests enough time in PUBG Mobile to require those features, theyÃ¢Â€Â™re likely to want an account (vs feeling forced). I donÃ¢Â€Â™t know if in-app purchases can be made without an account. Personal anecdote: I tried PUBG Mobile instead of Fortnite (account required) because PUBG made it easy to start playing without an account.

Throwaway Accounts: Imgur allows anonymous uploads. I donÃ¢Â€Â™t think they can be edited once the browser session ends. Additional community features open up to people who choose to create accounts (it seems like they may be gradually shifting to requiring accounts as usage grows, but I donÃ¢Â€Â™t use it enough to know for sure).

Data Files: Microsoft Office provides tools for interacting with data, but stores the data on the userÃ¢Â€Â™s computer. The Microsoft 365 version of Excel adds syncing and other cloud features in exchange for creating an account. A number of applications implement this approach by storing documents in a userÃ¢Â€Â™s Dropbox account rather than on their computer.

Matchmaking: IÃ¢Â€Â™m unaware of a notable example, but WebRTC chat apps offer a less common example, which is that a user can go to the site, generate a one time token, then provide that token to someone else to initiate a chat. The token may or may not persist beyond a single use.

I hope the above help you to think of some ways you might be able to let people use your app without an account. As these examples show it is possible to defer account creation until users demand an account from you (or even forever).

+1 some nice options here :)
â€“Â Michael Laiâ™¦
5 hours ago — 5 hours ago

score 0 · Answer 20 · 2018-10-15 15:14:52Z

No passwords! At all!

I would like to add to previous, excellent answers that it's possible to create a login-site which neither demands nor store passwords.

Use case

This is what it would look like when the user wants to login on a password-less site...

The user enters his/her email adress.

An email with a login link is sent (much like when one resets a password on a traditional site).

Category

Random preview

How to create better user account creation experience for customers who do not want to create an account

10 Answers 10

Single Sign-On

Generate Passwords By Default

Don't Ask Them for A Username

Use Social Sign Up

Conclusion

1. Highlight the benefits

2. Create a sandbox

3. Hire a doorman

4. Trust is hard to gain and easy to lose

No passwords! At all!

Use case

Pros

Cons

Further reading

Your Answer

Sign up or log in

Post as a guest

Post as a guest

10 Answers 10

10 Answers 10

Single Sign-On

Generate Passwords By Default

Don't Ask Them for A Username

Single Sign-On

Generate Passwords By Default

Don't Ask Them for A Username

Single Sign-On

Generate Passwords By Default

Don't Ask Them for A Username

Single Sign-On

Generate Passwords By Default

Don't Ask Them for A Username

Use Social Sign Up

Conclusion

Use Social Sign Up

Conclusion

Use Social Sign Up

Conclusion

Use Social Sign Up

Conclusion

1. Highlight the benefits

2. Create a sandbox

3. Hire a doorman

4. Trust is hard to gain and easy to lose

1. Highlight the benefits

2. Create a sandbox

3. Hire a doorman

4. Trust is hard to gain and easy to lose

1. Highlight the benefits

2. Create a sandbox

3. Hire a doorman

4. Trust is hard to gain and easy to lose

1. Highlight the benefits

2. Create a sandbox

3. Hire a doorman

4. Trust is hard to gain and easy to lose

No passwords! At all!

Use case

Pros

Cons

Further reading

No passwords! At all!

Use case

Pros

Cons

Further reading

No passwords! At all!

Use case

Pros

Cons

Further reading

No passwords! At all!

Use case

Pros

Cons

Further reading

10 Answers
10

10 Answers
10

10 Answers
10