Web Developers: Don’t Be Username Idiots
18 June 2009 | By Ian in Development, Opinion, Rants, Sites of InterestJust a quick note to any developer, site owner, or project manager who is in charge of developing a user login system:
Don’t put unreasonable restrictions on usernames.
It is sensible to prevent people from creating names containing certain characters or names of extreme length. However, some sites go too far by requiring all user names be 7-12 characters in length. Other sites forbid user names that begin with numbers.
A more reasonable approach would be to allow user names from 3 to 16 characters, with a limited set of punctuation allowed, and the first letter cannot be whitespace.
Remember that user names are generally public information so you don’t need to apply the same protections you do to ensure strong passwords. Do the right thing and your users will thank you by not abandoning your account creation form.
22 June 2009 | isnoop.net blog » Blog Archive » Web Developers: Don’t Be Password Idiots Said:
[...] a follow-up to my last post, here are a few tips to help keep you from driving your site users away with misguided password [...]