NATS Generated Username or let user pick Username on NATS sites?

[gleem]

So for all you NATS folk and maybe other scripts as well I see alot of errors on the joins from people picking the same username as other previous members, or they click the back button after some error and NATS won't let em fix the data and resubmit with the same username they just used, they have to change it.

Has anyone ever switched to letting NATS generate a username and seen ratios improve?

My only concern with NATS generated username is login issues with members getting all nutty about forgetting their usernames and getting blocked off the site from too many login attempts after their initial join and later of course.

Share the knowledge!

[antpeks]

no knowledge about nats, but generated usernames ftw

[gleem]

Quote:

Originally Posted by antpeks

no knowledge about nats, but generated usernames ftw

Why do you think it's better?

[antpeks]

Quote:

Originally Posted by gleem

Why do you think it's better?

if you let member choose, you put your site in danger, cause he may use combination that is already available in google. doesnt matter on security, but you will be hacked. with random combo the chance is almost none. and if your member want to enter your site, he is online so he have access to his email where he have or can receive his password

[seeandsee]

Quote:

Originally Posted by antpeks

if you let member choose, you put your site in danger, cause he may use combination that is already available in google. doesnt matter on security, but you will be hacked. with random combo the chance is almost none. and if your member want to enter your site, he is online so he have access to his email where he have or can receive his password

nats generated us/pw will be good

[gleem]

Quote:

Originally Posted by antpeks

if you let member choose, you put your site in danger, cause he may use combination that is already available in google. doesnt matter on security, but you will be hacked. with random combo the chance is almost none. and if your member want to enter your site, he is online so he have access to his email where he have or can receive his password

Right, I've been using proxypass, and it just blocks after the 3rd IP logs in with it, so it's no biggie, again I'm more concerned about the users going nuts with forgetting their usernames.

[harvey]

I'd let your member choose the username. Everything that makes your user experience better will be for good. If every time they need to enter your site they'll have to look for a mail just to remember what to do, chances are that member won't last long. Just my 2 rupees

[Sly]

Quote:

Originally Posted by harvey

I'd let your member choose the username. Everything that makes your user experience better will be for good. If every time they need to enter your site they'll have to look for a mail just to remember what to do, chances are that member won't last long. Just my 2 rupees

The thing is... what makes for a better user experience... being able to choose their own login after three different attempts or being assigned a login that they can use right away to sign in?

I've always wondered... at what point do you piss off a surfer by making it difficult for them to choose a login? You guys should see some of the stats. It's dumbfounding. Surfers will error out the join form 2, 3, 4 times before it actually works... if it ever does. By that point, a lot of guys just leave. I don't blame them.

[raymor]

I would do assigned, given only those two choices. When you let people pick, a LOT
of them choose "password" as their password. Another large percentage choose
"qwerty", etc. Those accounts will eventually get compromised, then you have
to choose between allowing in all the free loaders ripping your site, or shutting off
the compromised account and emailing the member a new password, which is
inconvenient for them.

The ideal, I suppose, would be to let the user pick, but not allow them to pick dumb
passwords like "password". I don't knwo yet whether something like that could
be cleanly integrated with NATS. We make consider building such a tool which
integrates with NATS if possible.

[gleem]

actually guys I'm more worried about usernames because a NATS join CAN look like this:




you can see he makes a mistake on the credit card page gives up and starts from the beginning and either uses the username or it's already autofilled thanx to his browser, my NATS setup needs unique username each time for cancelation, trial upgrades and tracking. So he keeps getting the error and 19 min later he figures it all out and is a member.

[NextBigTube]

I really hate it when some site generates a userid / password. If you can't decide, at least you should have a checkbox and let the user decide.

The last thing horny surfers would want to do is search for their signup emails.

[TheDoc]

Gleem, you should let the user select it when filling out the short form. Then if it's taken use the suggestion feature to recommend a new username to them. Generate the user/pass on the backup processor link, when the form isn't filled out (if you have this feature). Either way, be sure to display the user/pass on the thank you page and that your signup emails have the info in them as well to help with confusion.

[fatfoo]

Quote:

Originally Posted by gleem

My only concern with NATS generated username is login issues with members getting all nutty about forgetting their usernames and getting blocked off the site from too many login attempts after their initial join and later of course.

If a weird username such as 12783017asdbhlj12398 is generated then it is easy to see why the user could forget the username.

The difference it makes is the user would have to store this username somewhere to copy and paste it all the time.

[gleem]

Quote:

Originally Posted by TheDoc

Gleem, you should let the user select it when filling out the short form. Then if it's taken use the suggestion feature to recommend a new username to them. Generate the user/pass on the backup processor link, when the form isn't filled out (if you have this feature). Either way, be sure to display the user/pass on the thank you page and that your signup emails have the info in them as well to help with confusion.

I've had the suggested username setup, no evidence that anyone was really using it, didn't seem like any difference.

I was thinking do the random user/pass and upon approval it open the login page in a frame, top fram would have their user/pass on it so they don't forget when the initial login is needed.

[TheDoc]

Quote:

Originally Posted by gleem

I've had the suggested username setup, no evidence that anyone was really using it, didn't seem like any difference.

I was thinking do the random user/pass and upon approval it open the login page in a frame, top fram would have their user/pass on it so they don't forget when the initial login is needed.

With a little fancy work you can make the suggested username show up in the input field. Also having very clear error messages based on the different possible issues they could have, clears up some retries. It's minor, but every little bit helps.

[FrozenJag]

I see the same thing on my paysite.

Ideally NATS should make it to where if a member backs up back to the join form then tries to use the same username again, it shoudl allow him to do so as long as his ip matches up to the first request and the user isnt already a paid member.

Would this be all that hard? Would fix all of these errors and make for more sales I think.

[fuzebox]

Anyone against letting the member login using their email address and a password?

[gleem]

Quote:

Originally Posted by TheDoc

With a little fancy work you can make the suggested username show up in the input field. Also having very clear error messages based on the different possible issues they could have, clears up some retries. It's minor, but every little bit helps.

the real issue is as frozenjag points out the page reloading then they don't realize they have to use a new username and they get screwed again when they submit.. perhaps the IDEAL IDEAL deal would be, give em one chance to make their own username, and if they dupe it, then they get "theirusername_1234" etc.. automatically made for them so they don't have to re-do the username.

Quote:

Originally Posted by FrozenJag

I see the same thing on my paysite.

Ideally NATS should make it to where if a member backs up back to the join form then tries to use the same username again, it shoudl allow him to do so as long as his ip matches up to the first request and the user isnt already a paid member.

Would this be all that hard? Would fix all of these errors and make for more sales I think.

Yes but adding IP matching arguments is another database call, I dunno if that's a big deal or not, just playing devil's advoctate, and the way NATS works with usernames, each pre-join submit HAS to be it's own unique event that can't be revisited, they explained it to me, but I forget.

Quote:

Originally Posted by fuzebox

Anyone against letting the member login using their email address and a password?

What would happen if he had to redo the username as in the above examples, would have to not use the username, plus NATS won't handle the "@" as a login.

[TheDoc]

When a user submits a username, nats assumes the username will be taken for a period of time... the reason is, the member could have signed up and nats won't know for a period of time, or another possible member selects the same user as another, and both submit the join form, which happens.

It is possible to detect the error on a pre-posted join form, and add a site id/code to the user, secretly, so the duplicate issue doesn't post to nats.

Many solutions you can do really... but the simplest is just to make sure you use the suggestion tool and explaining the error very clear to the surfer.

Either way, auto generating username/passwords, doesn't mean more sales, but it can mean more submits if you're harvesting emails.

[okok]

Depending on the product, the username may not be as "personal" to a user. For instance, if I am joining a dating site where my identity matters, I do not want to become coolguy1204902910 if coolguy is taken. Suggest, but don't generate.

However, if I have followed a tour that is pushing the good ol' 8 milion hours of video and 32,000 images, I just want to get into the content area. The username is not personal, as I am just here to watch videos. Every time I have to try another username, I have another chance to think, ya know, forget about this, I'll watch TV.

What about the concept of not hindering payment, push the user to the choose-suggest-repeat cycle after he's paid? I know some of you have done / are doing this... thoughts?

[harvey]

why don't you use AJAX to check for availability and avoid confusions? You'd even allow fields filling only after the username is successfully confirmed as a valid one. Just a suggestion

[Zyber]

Quote:

Originally Posted by harvey

why don't you use AJAX to check for availability and avoid confusions? You'd even allow fields filling only after the username is successfully confirmed as a valid one. Just a suggestion

agree

[fuzebox]

Quote:

Originally Posted by gleem

What would happen if he had to redo the username as in the above examples, would have to not use the username, plus NATS won't handle the "@" as a login.

Doesn't matter what the username is, you auto generate it and keep it in a hidden field... All that matters is that you match their email address and password when they login to the members area.

[antpeks]

btw it may be easy to generate passwords, but not complete password, but just some numbers in the password. member may choose combo jack01:orange, but nats will give him random last lets say three numbers. so user will know his username, and he will know that password is lets say jack01:orange144. then its not that hard to remember your username:password and last three numbers of most visited sites if you have more memberships. and its still unique combo to every site

[TheDoc]

Quote:

Originally Posted by harvey

why don't you use AJAX to check for availability and avoid confusions? You'd even allow fields filling only after the username is successfully confirmed as a valid one. Just a suggestion

NATS locks the usernames for a very smart reason... if you use ajax, I can test the username's for a valid user, once it's a good user I can brute force attack that username.

With nats, every submit to check for a valid username, locks the username - along with a generalized error on a duplicate.


This is done for a very good reason, if you screw with it, you're chopping your own balls off.

[harvey]

Quote:

Originally Posted by TheDoc

NATS locks the usernames for a very smart reason... if you use ajax, I can test the username's for a valid user, once it's a good user I can brute force attack that username.

With nats, every submit to check for a valid username, locks the username - along with a generalized error on a duplicate.


This is done for a very good reason, if you screw with it, you're chopping your own balls off.

you got a point there, didn't think about it

[TheDoc]

Quote:

Originally Posted by harvey

you got a point there, didn't think about it

I'm up for any ideas you have though - I'm for sure no genius with ajax.

I have been working on this exact issue for a really long time. I ended up going with the default solution but I spiced it up a little. Put one of the suggested usernames in the user field, really spiced up the error messages, added in error colors, just tried to go above the call.... and it truly did help.