I'm looking for opinions on whether an implementation detail on my website home page is reasonable or not.<p>I want users to sign up initially and subsequently login when they visit the site. I am gathering the absolute minimum of data - an email address and a user-generated password.<p>I figure rather than have a login form and a sign-up form I would instead use the same two-input box form for both functions. In the back-end I check for the existence of the credentials against the Db. If they exist, log the user in. If they do not, sign the user up and log them in. Seems like the simplest possible method, to me.<p>I am uncertain on this simply because there seem to be no other examples of sites doing this, so I wonder whether I have missed a major usability point here.
Oh, and this just showed up in my RSS reader:<p><a href="http://www.smashingmagazine.com/2008/07/04/web-form-design-patterns-sign-up-forms/" rel="nofollow">http://www.smashingmagazine.com/2008/07/04/web-form-design-p...</a><p>Good read if you're focused on signup forms right now. :-)
That might be the simplest method, but it isn't the simplest interface.<p>Problems include typos, past users not remembering which email addy they used to sign up with, messaging (do you put a "forgot your password" under a signup form? That'd feel kinda weird). I think Reddit had some variation on what you're talking about and recently moved away from it.<p>On the typo front, here's what will happen: I try to log in but screw up the email addy. You create an account and send a welcome email to an addy that may or may not exist. If it doesn't exist (likely), the receiving mailserver might flag you as a spamming domain. In the meantime, I now have two accounts and might be confused given that the new account appears "empty".<p>By the by, @mooders-- why aren't you replying to people via threaded responses?
There is a reason that the common login process has evolved into what it is today.<p>While I wouldn't want to discourage trying new things, it's definitely worth it to read the other comments on this page and then decide if the convenience you'd be providing on login is more important than the prevented headaches when a user hits an edge case that is no longer covered.<p>My point is not to tell you "no, don't do it" because your particular site might be different enough from the usual site that this approach could work. Although I guess that is probably unlikely.
I've been thinking about doing something similar. If you'd like to brainstorm on how to make it work let me know.<p>I think it's possible. Firstly you need to tell people it is different. Secondly drop the email, have the form redirect to their profile. I think you should add a radio button or something that provides the options login/create/lost password. have login be the default.<p>then show it to someone for usability testing. If it doesn't work make 2 separate forms.
It's important to make clear that this form does more things than every other form in the world that looks like it.<p>Also, there's a reason why "confirm password" is a standard -- unless you're sending them their password plaintext afterwards, you run the risk of locking people out due to typos.<p>Objections aside, though, it strikes me as elegant.
@tortilla - after n retries, we will lock the account and email a randomly-generated password to them that is valid for 24 hours. On login, they will need to enter a new password.<p>@bayareaguy - email offers two advantages over username. 1) it's unique and 2) it can be useful for communications.
bad idea, most people will just get confused because they can't find a "Sign up" or "Register" link on the page. So they will just leave in frustration.<p>And it won't help to have a few sentences telling them what to do, because the whole concept is so foreign, noone does this.<p>Do you really want to bother with teaching every user this concept? I mean this is such a trivial thing, and will cause nothing but problems.<p>And like someone mentioned you'll flood your database with a lot of typo addresses and will frustrate users even further, because instead of them getting into user@hotmail.com account, they ended up in uswr@hotmail.com
It's pretty elegant in principle, but you might lose whatever usability points you gain with the multi-use form by having to explain to the user that it's meant for both signup and login. I can't think of a really simple way to do that.