I'm putting together my first website, and I'm wondering if I should bother asking for a username at login. If the password is long enough, won't that be just as difficult to geuss randomly as a shorter username and password?<p>Assuming the answer to that is yes, it a good idea to force users to choose a password, or would that be inconvenient?
The number of people who pick '12345' or 'password' is astronomical. And forcing them to remember a "strict" password is more detrimental to the user experience than just having a user/password combination.<p>Besides, what are you going to do if you get dupes? "Sorry, that password is already in use"?
If you need to allow identification of users, you'll probably want some sort of username. And adding a username later will be harder than putting one in now. Also, any deviation from what the users expect/are accustomed to (i.e. username/password) will lead to user confusion. I would just go with the standard username/password login.<p>Personally I don't mind if you generate a random password for me, but either way works.