Another great example of this is when an online site forces you to sign up just so you can see what the shipping costs would be, or even worse the price. Oh, I’ll “sign up” alright… hello Mr. Fljadfljsdfljad of 1234 Main St. Anytown, USA 20001 nice to see you.
I think that facebook/myspace/etc. are sticky enough that they are used to the login requirement driving membership, not turning people away.
@nordsieck
Probably. I suspect that Facebook’s devs may not have a lot of experience producing things for developer consumption… For their sake, I hope they quickly figure out the developer mindset.
By the way, this obnoxious requirement of obtaining an API key is 1 of my biggest pet peeves when I try to make mashups.
I agree with you 99%, however some sites by their very nature must require a login barrier (or at least I seem to think so).
Take my newest site for example: www.radiocurrents.com
This site provides music and other downloads for radio stations provided by record labels. The level of security that we have been asked to have by the record labels prevents us from allowing any content to be really shown without not only forcing them to register but to verify that they are who they say they are.
I think its a very special case, but wanted to point out that the case does seem to exist, though as you said, the barrier is usually there more times than it is truly needed.
I find having to log in is not the only barrier, though it is a major one. To pimp my blog a little, I wrote a post on how annoying it is both as a user and a developer to have to create a social network for every site (http://icr.vox.com/library/post/a-global-social-network.html).
I like the sound of Netvibes and Pageflakes, it obviously makes things a lot easier. Though I would probably find myself a little irked when I, having used it and not signed up, went to another machine and wanted my customized content.
I’m liking the current trend to use email as the persons ID. Primarily because it means people are more lacks about what characters they allow in display names, so I can have my square brackets 
Jeff made a great point. What’s the benefit to the user? If you are making them login, just so you can track how many people are accessing your stuff, then you just created a barrier. If that login gives them access to lookup stuff that’s related to just them, that’s a reason to have a login.
But let’s not forget an ancillary benefit for having a login is protection against identity theft. For example, if Jeff’s responses to posts weren’t orange, anyone could post a response with the name “Jeff Atwood”.
Even in that case, just because you want to offer the ability for people to create accounts, you shouldn’t restrict your site functionality to just people who have accounts. ImageShack.us does a great job of that, you can upload a picture to be hosted with or without an account. But if you have an account, you can go back and manage and control the pictures you have uploaded.
Hey, who moved my cheese!?!?!
A login barrier is a tactical element in a site; Facebook uses theirs to create a sense of privacy and exclusivity.
Their growth rate shows that this is working just fine.
Logins are not and never will be an issue, my point of view- Shoot all the smart arse half baked web developers who think that 5000 lines of script is what it takes to display a button in a web page. Its not rocket science, to many people write their little blogs have a whinge, the reality is that over fifteen years the line speeds have gotten quicker and quicker and loading of web pages has gotten slower and slower. Want to complain about typing half a dozen text characters in a box ? wow you really are at the bleeding edge.
I think that the login barriers are a valid hurdle to leap. Every person that complains that they have to log in every time is also the person that has regular cookies turned off, scripting turned off, and wants their cart to still be there three days later.
Seriously, with AutoFill for registration pages and login remembering, the browser reduces most of my registration pages to a 1 click event and the login pages to a Submit click. The browser is doing the heavy lifting, no permanent cookieing needed.
I completely agree on this. I believe this is not only for the documentation, the users should be able to even try/use your application without a login. This is what we have done on JotForm. I posted what I think about this subject here:
http://atank.interlogy.com/blog/?p=12
This is exactly why we need openid (http://en.wikipedia.org/wiki/Openid). I wish I could login everywhere by typing my gmail address, and then letting google handle the authentication. Fortunately, that seems to be the direction we’re heading in.
Jon Raynor makes a good point on the Facebook API… The CRM vendor we use restricts people who can access the API documentation to paid partners and customers. If you are paying your software maintenance fee then you’re not going to be able to access the documentation. But still, if I don’t know what I am missing, am I really missing anything?
Chubber: The Login Barrier is not about a website requiring you to log in at all. It is obvious that preference persistance over a longer period of time or across different browsers or machines will require a login. The point here is that many sites require you to login (and, before that, register) before you can use the site at all. That is, you must sign up before you know if you want to sign up.
OpenID looks neat. I would love to see it implemented on a large scale.
Isn’t OpenID just a sprawling Carnivore-like creature in the hands of who-knows-whom?
Funny, I did the same thing as you.
“Login!?! Spffff, whatev’s, later.”
And I left the page. Havent gone back since. Capturing an audience is like ecommerce. You have to make it easy to get in, easy to buy in, easy in general.
Check out www.doodle.ch - proof that a login isn’t necessarily required, even in circumstances where you might expect one.
Sun does something similar to a lot of the content on their sites. To get patches, documentation, applications, and their troubleshooting information you have to sign up.
However, since they no longer charge for their software they want all their users (who tend to be enterprises) to have a support contract with them. Some of those can be affordable for a user (~$300 per annum) when I was considering signing up.
It’s a change that I don’t completely agree with but I understand why they have done it. Though its’ annoying that I have 3 different sun ids that are tied to my previous employer’s email addresses and I have forgotten the passwords.
Generally I think that for technical info its’ okay to have a signup process as long as it is very short and easy. Just ask for an email address and password. If the person wants maybe more access such as access to the source then maybe the name, address, and other info. However this only applies to non OSS projects.
What really gets annoying is trying to remember your login name and password for multiple sites!
I try to use the same name/password combination for all of the sites I feel the need to login to but sometimes it just is not possible.
So, what’s a developer to do? Well, the STUPID thing like everyone else that is not autistic and can’t remember dozens of login names and passwords. I write them down somewhere (Oh network gods of security shudder!) I simply have no other choice; I have to do this to be able to access the site later.
So, remember, if your site does not absolutely positively gotta hava hava gotta login then DON’T DO IT. Or I might just blow your site off for ALL of the above reasons.
Stores like Amazon, for many years, have allowed users to stock a shopping cart without logging in.
This may be nice in some cases, but the total inability to obviously log in to Amazon drives me crazy. If I want to add an item to my cart for later purchase on any normal site, I log in, click “Add to cart”, and log out again. On Amazon I have to carry out a poke-and-hope navigation exercise to get me to something that’ll actually allow me to log in, in order to make my choice persistent. Logging out again doesn’t seem to be possible at all short of shutting down the browser and restarting it. This is taking the principle of “don’t force people to log in” a bit too far.