A typical web-based authentication system will have two options--Sign In (a path for existing users) and Register (a path for new users). Potential problems for users arise when they don't know if they have an account, or they have tried to sign in unsuccessfully and decide to try to create another account. Typically, when an existing user tries to create another account, they get an error message or some instructions for recovering their information. The user may or may not bother with the effort.
Consider this...How likely is it that an existing user, when trying to create a new account, will use the same or similar information as when they first created their account? Now, imagine if you simply allowed the registration form to also act as a sign in form. Or, make the sign in form step one of the registration process. It should be easy attempt an authentication using the information in a registration form and bypass the actual creation of a new account if an existing account is found, so why not do it?
I know what you're thinking...what if the user *doesn't* enter the same information. For example, what if the username is different but the provided email address matches an existing account. Create a trigger that starts the necessary account recovery process and notify the user what is happening?
By allowing authentication to happen in a registration form you can potentially:
- Unobtrusively sign in existing users who didn't know they had an account.
- Save user frustration by triggering the login recovery process for them using information they already provided.
- Prevent abandonment by users not willing to make the traditional effort.
What do you think? Anyone doing this or considering this approach? Why/why not?
Monday, 2 June 2008 14:26