Assigning site password or letting user choose ...

Forum Moderators: phranque

Message Too Old, No Replies

Assigning site password or letting user choose ...

Which is better?

Hawkgirl

12:12 am on Jul 9, 2002 (gmt 0)

I lean towards letting people choose a password (this is what my site does now). There are some folks who want to change this and just have the site assign a password, instead.

I try as much as possible to separate my personal preferences out of this kind of debate and let the data dictate my actions.

Heck, I don't even know if I put this in the right forum, but ...

What are the prevailing winds saying about this topic? What do users prefer?

ScottM

12:37 am on Jul 9, 2002 (gmt 0)

I prefer to chose my own...I've got a list of 'server chosen' passwords that would defy any database..">)

Just kidding.

Let them chose their own.

My 2 cents..

mack

12:58 am on Jul 9, 2002 (gmt 0)

always better to allow the user to chose their own password..simply so that they will be able to remember it.

I would stick to using generated passwords only for when a user has to click on the "forgot password" link and even then give them the option to change it to something they can remember when they next log in.

deejay

1:15 am on Jul 9, 2002 (gmt 0)

Sites that choose my password for me, almost without exception, don't see me again.

Not that I don't _want_ to go back, but I honestly can't be bothered with having to look up an obscure (to me) password when there's another site just around the corner that will let me choose my own.

rcjordan

1:24 am on Jul 9, 2002 (gmt 0)

I agree with deejay, not allowing them to select has the potential to hurt your membership roster, particularly when they're in the "new member" mode and just starting to develop their routine.

Sinner_G

6:44 am on Jul 9, 2002 (gmt 0)

As an option, you could have the site generate a password and then give the user the possibility to change it to one they can remember.

ecardiff

8:22 am on Jul 12, 2002 (gmt 0)

I worked on a site where a password was generated and an automatic email sent to the new user containing a link to change the password to something the user preferred. At least this way the client knew all the users were genuine and not a@a.com etc. It seemed to be OK.

Sinner_G

8:28 am on Jul 12, 2002 (gmt 0)

What we have here is many people preferring to set their passwords themselves. And I am one of them. What I wonder is why anyone would want to have the server generate passwords?

The only reason I can imagine is to be sure the PWs are complicated enough so they cannot be cracked easily.

And even for that you could set some rules, so what's the point of generating passwords?

ecardiff

8:34 am on Jul 12, 2002 (gmt 0)

I see your point. As I said above, the logic there was to ensure users had entered a valid email address, the fact that the password was server-generated was really irrelevant.

Hawkgirl

2:28 pm on Jul 12, 2002 (gmt 0)

Well, I have some coworkers who hold very tightly to the philosophy of "the less questions we ask the lower the drop-off rate of the site will be."

If you don't ask someone to choose a password and the verify (re-type) it, you blow two fields off of the page.

My thought is, most people expect to create/enter a password so it's not barrier or serious drop-off point.