Amen. I can’t even count how many websites I’ve gone, “hey, that looks neat!” click “oh.” close.
Dang, and I was just going to send you an invite to Facebook…
I’m pretty sure ASP.NET’s Membership Profile feature set supports this functionality of starting with an “Anonymous Profile” and later associating with a new user. I’d have to dig, since I haven’t had a need for it lately, but I remember seeing it when poking around in the docs.
I already noticed this problem, so when I redesigned my website, I made sure that not only would people not be intimidated by the login block, I also made sure that my website was more inviting for people to converse.
http://www.dranger.com/weblog/entry/inaugural.html
Basically, I completely removed the verification step. How do I prevent spam? Simple: the login is all Javascript. Then, to make sure people have a conversation instead of talking to a black hole, I have a comment hierarchy and it will email the user if anyone replies to them.
I don’t know if it is still the case, but a few years back, I was terribly frustrated by the fact that Oracle made me create a user profile just to search the online docs.
I think that so many sites are just doing what has been popular for years in the online world. I know that one of the main reasons that I started learning PHP way back when was to create a membership system. There are a fair amount of developers out there who have the user login for no better reason then the fact that the wrote one up and wanted to impliment it.
Personaly, the main reason that I ever used login systems was to try and thwart robots from posting stuff on my sites, now that CAPTCHA is easy to impliment, and something that many sites use, I think that we should abandon the standard user login just use the CAPTCHA, unless of course you have information that MUST be stored and linked to a specific person.
A much more serious issue that no one has mentioned is the wretched vile rise of PHP-Javascript-MmySQL-driven websites. If the login process occurred quickly, I probably wouldn’t find. Automated with cookies, once upon a time, logins took only a few seconds. Specific example: ebay circa 1998. Login was fast, pages appeared quickly, no problem.
Fast forward to 2007. Now the PHP-overburdened pages take up to 45 seconds or a minute of thrashing and flailing and churning, churning, churning on the overloaded servers in order to process the login php script. Then you wait some more while the server thrashes and flails some more, paiting all that unnecessary eye-candy gradient-background shaded-button crap on the screen. Then you hit more login barriers on the new ebay. Almost every time you want to do something, you must login again…and again…and again… And each time, it’s another minute to 45 seconds for the overloaded server to thrash and flail through its php scripts, access the mySQL database with your cookie info in it, compare it, and log you in.
Gmail has gotten especially bad courtesy of this PHP-mySQL-Javascript crap. Sometimes gmail gives me an error message after a couple of minutes “It’s taking longer than usual to load your mail – would you prefer to use an HTML-only version of your gmal page?”
This is a stark staring admission that PHP-Javascript-mySQL is a disaster. The servers are being massively overloaded and the login scripts that once ran quickly on all-HTML pages using simple cgi now bog down for minutes at a time on pages massively overloaded with all kinds of useless worthless eye-candy php scripts.
Of course the rejoinder is: “These big orgs should get bigger better servers.” But that’s stupid. Servers always wind up being overloaded. Servers always bog down under too many processes, too many database accesses, too many javascript function calls running at once, too many php scripts trying to execute. Since we live in the real world were servers are always overloaded, the smart move is to stick to plain HTML pages and simple login scripts. If you must use php to log someone in, for god’s sake dump all the php crap that generates all that worthless useless eye candy on the web page. To hell with gradient backgrounds, to tell with shaded buttons, to hell with elaborate news-of-the-day or what’s-new or latest-info or catalog-update php scripts. Simple HTML links! Simple URLs! Simple, simple, simple, peopple. KEEP IT SIMPLE, STUPID.
Want to see a web page by people who do this? Who log you on FAST? Who NEVER use php to crap up the page with graphics junk and bog everything down?
Google home page. No gradients. No fancy buttons. No “latest news item” column updated by some f***ing slow-ass php script. And guess what? The google home page runs FAST.
Compare that with the php-javascript-mySQL-encrusted hotmail homepage. I sometimes bail from the hotmail homepage because it times out before even logging me on. With other php-encrusted crapsites like Slashdot, I typically log on with a non-javascript browser Off By One with images turned OFF.
I have timed the delay for php to paint all that shaded-button and gradient-background garbage on my screen for the Slashdot site, and I have compared it with the plain simple pageview of straight bare HTML and test-only in the Off By One browser. Running Mozilla Firefox 2.0.1, it takes more than a minute to paint all that shite on the screen and just give me the text of the slashdot site. 90% of that time is wasted serving graphics and flash and other junk from worthless infuriating ads, which must be splattered across the screen before the text content of the site even shows up.
it takes 18 seconds to paint the text-only HTML of slashdow on my screen in the Off By One browser with graphics turned off.
Something is horribly wrong, people. PHP is shite. Javascript is bogging everything down. Your mySQL accesses are grinding everything to a halt. And all for nothing. Nothing! Most javascript is used for worthless eye-candy junk like rollovers. Most php is used for pointless garbage like painting gradient backgrounds on the screen.
KEEP IT SIMPLE, STUPID!
Avoid logins if at all possible, and for the love of god, Montresor! GET RID OF 90% OF THAT USELESS WORTHLESS EYE-CANDY PHP AND JAVASCRIPT CRAP!
(Incidentally, in case you think it’s my computer, bzzt. Wrong! 2.4 Ghz P4 with 512 megs running Windows 200 Pro SP4. It’s not my OS or my machine, it YOUR CRAP CODE, WEB PROGRAMMERS. KISS! KISS! KISS!)
Once upon a time there were no barriers, and the hackers owned everything. You can have an interface that is easy to use, or secure. Pick one.
While I am not defending the practice of forcing a login to view developer API’s at least it helps the vendor learn a little about who their potential attackers are.
Email addresses have one thing going for them… They’re guaranteed to be unique. I do agree that the site should inform you they are using it for your Login ID though. Still, it’s a good practice to keep a garbage email around to use just for registering with sites. Microsoft will kindly give you a free one and you can use it to help reduce your main email’s spam.
And while you may end up getting more hits by not requiring logins to access demo’s and whatnot, you are definitely getting lower quality hits. I have registered on sites for applications where the developer has taken the time to follow up and on at least two occasions the resulting communications have convinced me to buy their product.
In one site I helped develop, I threw out the idea that we only require an email address (with all appropriate “we won’t email you, ever, or sell this to someone else” disclosures).
Using just that way of identifying yourself, you get a large portion of functionality. But if you wanted the power to do more (some financial stuff) you had to go through the full rigmarole to setup. At that point the user was pretty comfortable with us and didn’t mind. Plus, when dealing with anything money related, a user normally WANTS to lock it down as much as possible.
If your site really doesn’t contain confidential info, then why make users give you some of their “secret” information?
Just make an account with a free email address, login, get your stuff and never return
when you receive too much spam, get another one
a lot of people do this, forcing registering gives a lot of ‘ghost’ accounts.
mclaren: Though you seem like a troll, I’ll bite… if it’s taking you a minute to load slashdot there’s something wrong on your end. It always loads in just a couple of seconds no matter where I use it from (which, I must admit, is many places and often…)
I too find login screens frustrating. I’m tired of having to create a login and go through the both of registering, and having yet another login ot remember, just to poke around on a site, or read an article. Quite often unless I really need the info, its click…oh, well never mind then, and off to another site.
I forget what site it is, but whenever I’m searching for help on technical issues there is one site that often comes up at the top of search results. Something with Tech in the name, and it requires you to login before you can see the tip or discussion post you are looking for. Argh. So usually I don’t even click on their links in search results anymore. For me its not the giving them my email that bothers me, I have a junk account for that…its the time it takes.
Well, I once was involved in a website where everything was private, so the standard method to starting a page was to automatically check for authentication. The only two pages where this didn’t happen was the login page and the registration page. It’s possible that they used the same system considering the guy I worked with on said project also got a job with Facebook later on, so he might have continued that practise there…
http://.openid.net = the end of login barriers. Learn it, live it, love it.
Companies are really digging it too. Could be used for websites, IM services, even gaming.
These sites both use cookies to establish a tentative, anonymous relationship between you and the site.
These sites are only applying an old paradigm to a new brand of site.
On-line stores thrive on anonymous use. Stores like Amazon, for many years, have allowed users to stock a shopping cart without logging in. The shopping cart is tied to the browser, so if you go back two days later, all the items selected remain in the cart, all without logging in.
The interesting thing is how poorly things were being designed in the first place. Why would a site like Netvibes need much information from me? Geni is static enough where they could almost store a passkey like the old Metroid passwords on my computer and not keep a single thing on their own servers. Online stores need things like addresses and credit card numbers to operate properly, but for years they’ve been set up to not require the user to provide that information until late in the process.
The idea that online stores figured this out before most of the rest of the Internet is strange.
The biggest reason I haven’t signed up to facebook is that you can’t actually look at the site until you’ve signed up. Rubbish.
The website (http://developer.facebook.com/) does not require any login anymore.
And to the parent above, Ben: One of the reason why Facebook is so popular is it’s fine-grained control of PRIVATE social networks.
Nobody can see what you don’t want them to see.
Comcast, OTOH, keeps redirecting to itself forever if you have cookies blocked. It’s so hostile it’s Comcastic.
Too often there’s a disconnect between the site visitor (who’s looking for an anonymous one-night stand) and the site owner (who wants the guy to come up with an engagement ring first). There’s the crude saying “I wouldn’t ___ her with someone else’s ____”… but if you would, that’s basically what BugMeNot is.
“I’m not so sure the Facebook folks are “brilliant on several levels” if their API documentation was placed behind a login barrier, even if for only a few days.”
Heaven forbid they have a small error that they corrected quickly. HEAVEN FORBID.
On a related subject you know what else I find bafflingly stupid? Required fields in optional questionnaires. They all over the place. Pretty much every questionnaire I have ever filled in (And I’m a generous fella’ and will fill in quite a few) has them.
I can understand the desire to gather as much information and connect it all together, but as soon as I see an optional questionnaire REQUIRING my postcode or sometimes even email (depending on how much I trust the source) I’m gone.
Surely they can make use of the information I am willing to give? There loss I suppose.