Log In to GroupServer

OnlineGroups.Net has been musing about using email-addresses as login
identifiers, rather than the obscure user identifiers that are currently
generated. Below is the proposed Help text for the GroupServer manual,
detailing what login will look like. Comments?

    Logging in to GroupServer

      To log in to GroupServer, carry out the following.

      1. Click Log In on any GroupServer page. The log in page will be
         shown.

      2. Enter your email address in the Email Address entry.

      3. Enter your password in the Password entry.

      4. Click the Log In button. You will be now be logged in to
         GroupServer.

One idea that Richard had was to show the user a link to the Password Reset
page, in the error message if the user gets the password wrong. The body of the
login page will also have a link to the password reset page.

On Sun, 2007-09-23 at 20:50 -0500, Steven Clift wrote:
> Many sites now allow either a user name or e-mail simultaneously.
>
> The first/last name thing works great for me because I want the member
>  profile link to contain real information - the person's name. So I
>  recommend having profile pages based on f/last name rather than
>  login/e-mail.

This is also likely to change when we rebuild registration. I think
Mike will probably be sending out the detailed document on this at some
stage in the near future(?). We spent a couple of days designing it
last week.

Key changes:

1: Simply providing an email address will get account creation underway.
Passwords will be created as the last step (since you don't actually
*need* a password if you're just using email!)

2: The user will choose what the identifier in the link to their profile
is (we call this the nickname now). It is a possibility that we could
force this to be set to something for certain sites.

3: There will be no concept of a 'login' name. Only email addresses. See
1 to see what the 'login' name will become.

4: The user will choose their own password. Always.

5: Accounts are not verified. Only email addresses will be verified (a
verified account will be defined as one with at least one verified email
address).

6: Profile information will be collected as part of the account setup
process. This will, in most cases, be optional. It is partially to give
the user something to do while waiting for the email verification to
arrive.

7: The user will be given *considerable* scope to verify their email
address. They will be reminded about it. They will be allowed to resend
the verification. They will be allowed to change the address if it's
wrong and resend it. They will be given hints about putting the 'from'
address into their email address book.

> The big question is whether you really need to assign such difficult
>  passwords instead allowing people to pick them themselves when they
>  login. If we had credit cards on file I could understand the stronger
>  security standard, but we get support queries weekly from folks who
>  simply can't type in the combinations of case sensitive letters and
>  numbers GS generates.

The new registration system will eliminate this entirely. The user will
never have a password chosen for them, not even if they use the password
reset. If they register by email, they will choose a password when they
decide they want to use the website as well.

--Richard

Below is the mock-ups of the log in page. Note that the verb is
Log In; the noun Login is never mentioned, as these pages are
verb-centric (and I am afraid of Alice).

Also of note is the three links to the right of the Log In button:
      * Reset Password, Register, and Help. They

The following files were added to this topic:

  login.png (17KB)

  login.xcf.bz2 (12KB)