Welcome to WebmasterWorld Guest from 3.209.80.87

Forum Moderators: phranque

Message Too Old, No Replies

Login: on every page or on its own separate page?

Is there a 'best' place for reasons other than security?

     
9:44 pm on Jul 10, 2008 (gmt 0)

New User

10+ Year Member

joined:Feb 14, 2003
posts: 32
votes: 0


I am thinking about login functionality for a site i am working on at the moment. There is some content that requires login but the site is not commercially sensitive and a high level of security isn't required.

i am debating whether to have a username/password/remember me/forgotten password set of input fields top right on ever page...or simply a neat link to Login that navigates to a standalone login page.

My question is: what are the pros and cons of each?

I am aware that many sites now create their login on a seperate https:// page for increased security but it is quite nice to login from and page and continue your journey from there.

My site does not have online registration (these are done manually and sent to clients for login) so it's not like i could combine a login/register area. a link to a login page would be neater though and would enable me to navigate the user to a logged in dashboard page once authenticated.

Does anyone have any additional thoughts on pros and cons of each?

12:52 am on July 11, 2008 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Dec 20, 2004
posts:2377
votes: 0


We use a separate page. It allows us more space to also promote why new members might want to sign up.

My only thought on keeping the form on every page, you should make it dynamic. Create a javascript function that displays the form in the corner when they click the login link. That gives you the best of both worlds. A neat link in the corner, and the user does not have to leave the page to login.

2:14 am on July 11, 2008 (gmt 0)

Senior Member

WebmasterWorld Senior Member g1smd is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:July 3, 2002
posts:18903
votes: 0


Make sure that the other pages check that the user *is* logged in.

I've seen a few sites where you could type in the URL for so-called protected content, and view it directly without a password challenge.

The password page only appeared if you followed the site navigation, it wasn't properly protecting the content from access.

6:16 am on July 11, 2008 (gmt 0)

New User

10+ Year Member

joined:Feb 14, 2003
posts: 32
votes: 0


yeah good thinking about the page check - i've done that myself a few times on supposedly 'logged in only' pages and gotten in.

i like the neat javascript idea - once logged in that would of course change to log out. it also wouldn't butcher the design, which a crowded username/pword/forgotten pword/remember me block of input fields does..

9:17 am on July 11, 2008 (gmt 0)

Senior Member

WebmasterWorld Senior Member g1smd is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:July 3, 2002
posts:18903
votes: 0


Search engines don't do JavsaScript so would they get a free pass, or be completely blocked?

Do you want that content to be indexed at all?