Welcome to WebmasterWorld Guest from 188.8.131.52
Forum Moderators: buckworks
ideally i would like to allow email addresses as usernames, as this is one less thing for my customers to have to think about when signing up.
however i have identified a problem with using an email address and i would like to run this by people to see what they think.
i dont activate my customers accounts until i have verified payment. this can take a week or so if a cheque has been sent in by post. so what if Joe Spammer comes on and signs up for an account under 'firstname.lastname@example.org'. he says hes paid by cheque and goes way. (really he's got no intention of paying hes just spamming my database). later on the real email@example.com comes along and wants to sign up. yet he is prevented from doing this because my database already has an entry under this email address!
the simple answer is to request a custom username. so is this the way to go? any advice much appreciated!
You could potentially put a check mark beside the input box stating 'Use my email address as my username' and let the user decide.
But I guess my next problem will be how to I offer very frequent customers a way to easily log in and get preferred treatment/prices etc? I'd probably go with email but I'm not going to like it.
I forget what email I use all the time for certain things.
later on the real firstname.lastname@example.org comes along and wants to sign up. yet he is prevented from doing this because my database already has an entry under this email address!
You can put a statement, "That username/email appears to be taken. If this is your username/email, then please use the password recovery link/function". They then just verify the email address, and the system sends the password to the email on file which is the username. They then can login and change it if they want to. That way, it is simplified, and unless the 'poser' has access to the 'real' user's email account, they can never actually do anything with it.
We use email address as the username, it is one less thing for people to remember. Also, not to be too liberal, BUT, what are the chances that someone will actually register a username that then tries to buy from you. Pretty slim. I would't waste a lot of effort planning for that scenerio. Plan and program for the 99%.
i think i am going to ask for both a username and a password as corey suggests.
Um, so you actually considered to *not* require a password?