Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

What to use for login ID?

Tags:

authentication

web-applications

account

We are in the early design stages of a major rewrite of our product. Right now our customers are mostly businesses. We manage accounts. User names for an account are each on their own namespace but it means that we can't move assets between servers.

We want to move to a single namespace. But that brings the problem of unique user names.

So what's the best idea?

  • Email address (w/verification) ?
  • Unique alpha-numeric string ("johnsmith9234")?
  • Should we look at OpenID?
like image 362
Mark Renouf Avatar asked Aug 08 '08 15:08

Mark Renouf

People also ask

What should a login ID be?

Your username should be simple enough to remember but hard to guess. Never use easy-to-guess numbers with your usernames (for example, address or date of birth). Don't use your Social Security number or ID number as your username. If you're struggling, try an online username generator.

What is an example of a login ID?

Since the userid identifies you to the computer, it is natural for it to be used to identify you to other computer systems. For example: The person Joe B. User could have this userid, "jbu3470". The userid is made up of the person's initials and the digits of some personal identification number.

1 Answers

EMAIL ADDRESS

Rational

  1. Users don't change emails very often
  2. Removes the step of asking for username and email address, which you'll need anyway
  3. Users don't often forget their email address (see number one)
  4. Email will be unique unless the user already registered for the site, in which case forward them to a forgot your password screen
  5. Almost everyone is using email as the primary login for access to a website, this means the rate of adoption shouldn't be affected by the fact that you're asking for an email address

Update

After registration, be sure to ask the user to create some kind of username, don't litter a public site with their email address! Also, another benefit of using an email address as a login: you won't need any other information (like password / password confirm), just send them a temp password through the mail, or forgo passwords altogether and send them a one-use URL to their email address every time they'd like to login (see: mugshot.org)

like image 127
Jake McGraw Avatar answered Nov 10 '22 11:11

Jake McGraw
Sign in to Comment

Related questions

Using authentication token in azure sdk fluent
SuppressDefaultHostAuthentication in WebApi.Owin also suppressing authentication outside webapi
What is OAuth and how does it secure REST API calls? [closed]
How to perform token authentication in elasticsearch?
jwt_auth_no_auth_header error on validating WordPress REST API JWT token
Download a file from the internet using java : How to authenticate?
use facebook iOS client authorization on own to server
How to populate user profile with django-allauth provider information?
How to make ASP.NET Web API respond 403 or 401 appropriately?
Custom WCF authentication with System.ServiceModel.ServiceAuthenticationManager?
Node.js and Passport Object has no method validPassword
Authenticating with Meteor via DDP (and SRP?)
AngularJS | handle routing before they load
Unique web browser identification ID for web control panel logins in Perl
Re-authenticating User Credentials Swift
Why would my REST service .NET clients send every request without authentication headers and then retry it with authentication header?
Twitter API Postman: Code 32: Could not authenticate you
Rails authentication plugin recommendation
what is the devise_mapping variable and how can I include it?
Unable to import certificate to cacerts

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!