×

Notice

The forum is in read only mode.
× Keep in mind that suggestions must be within the realm of possibility to be taken seriously.

Posting rules: All registered members can create threads and post to existing ones.

Question Nitpicks for the signup process

9 years 5 months ago #1 by Arcanist Lupus
  • Arcanist Lupus
  • Arcanist Lupus's Avatar Topic Author


  • Posts: 1820

  • Gender: Male
  • Birthdate: Unknown
    • Two suggestions, both minor.

    First, one of my pet peeves is passwords that don't tell you what their rules are. For example, when signing up here you password requires a capital letter, but I didn't know that until I had created a password without one and gotten it rejected. So a little sentence saying "your password must contain an uppercase letter" plus whatever other requirements there were, would be nice. (unless there is already a sentence like that around, and I just missed it because I'm oblivious)

    Secondly, the confirmation email included my password, which isn't really serious but I generally consider to be bad practice.


    Again, neither item is very important. But if they're easy to change, then...
    "Shared pain is lessened; shared joy, increased — thus do we refute entropy." - Spider Robinson
    9 years 5 months ago #2 by Kristin Darken
    • Kristin Darken
    • Kristin Darken's Avatar


  • Posts: 3898

  • Gender: Unknown
  • Birthdate: Unknown
    • Yes, having the password rules shown ahead of time would be nice. I'll see if I can add that. somewhere... but I'm not sure its possible without changing code that be overwritten any time the main software updates.

    The other point... only really matters up until we approve your membership. After that, you can change your password to something else and it no longer matters that the original one was emailed to you.
    Fate guard you and grant you a Light to brighten your Way.
    9 years 5 months ago #3 by martina
    • martina
    • martina's Avatar


  • Posts: 7

  • Gender: Unknown
  • Birthdate: Unknown

    • Kristin Darken wrote: The other point... only really matters up until we approve your membership. After that, you can change your password to something else and it no longer matters that the original one was emailed to you.

    It's just Internet security best practice to not include passwords in plain text emails...
    I don't want to be forced to change a password a few minutes after I created it. ;)
    9 years 5 months ago #4 by Kristin Darken
    • Kristin Darken
    • Kristin Darken's Avatar


  • Posts: 3898

  • Gender: Unknown
  • Birthdate: Unknown
    • I get that. But not everyone shares that opinion or cares. With it set like this, the people who WANT the information saved in their mail folder from registration will have it and the people who do not can take a simple extra 15 secs worth of effort and change it once they are approved. If the setting is changed to NOT send it, then the people who want it can't EVER get an email with their registration info on it while the people who do not, get nothing and do nothing to keep what they want.

    This setting serves everyone, even if it requires one of those groups to take an extra step. The other setting does not. Prove to me that NO ONE will be affected by it, and I will switch it to the other setting.
    Fate guard you and grant you a Light to brighten your Way.
    9 years 5 months ago #5 by Arcanist Lupus
    • Arcanist Lupus
    • Arcanist Lupus's Avatar Topic Author


  • Posts: 1820

  • Gender: Male
  • Birthdate: Unknown
    • The problem for me with changing my password is that I generally use a specific formula for generating unique but memorable passwords for sites that I visit, and if I change my password from the one I first chose I would have to deviate from that formula, thus making my password harder to remember (not that I don't have my browser remember my passwords for me anyways).

    But again, this isn't exactly my bank account. There's really not much harm they could do to me with my Whateley forums password even if someone did in fact hack my email and find the password buried there (which seems rather unlikely to me). The way it's currently set is fine with me.
    "Shared pain is lessened; shared joy, increased — thus do we refute entropy." - Spider Robinson
    9 years 5 months ago #6 by Phoenix Spiritus
    • Phoenix Spiritus
    • Phoenix Spiritus's Avatar


  • Posts: 2595

  • Gender: Male
  • Birthdate: 20 Jan 1976
    • Amy chance on noting in the signup to create a temporary password as it will be sent in plain text email so that people know not to use thier 'permanent' password for the signup?

    That might serve both needs.
    9 years 5 months ago #7 by Kristin Darken
    • Kristin Darken
    • Kristin Darken's Avatar


  • Posts: 3898

  • Gender: Unknown
  • Birthdate: Unknown
    • As far as I can tell right now, anything I'd want to put in connected to login/registration would have to be in the code itself, which would need to be redone any time an update modified that file/template. If I can figure out a way to do it without doing that, I'll do so. Otherwise, it'll go in the notes in the FAQ/Help section for Guests who are considering registering along with the other explanations of how to find things on the site and so forth.
    Fate guard you and grant you a Light to brighten your Way.
    9 years 5 months ago #8 by Valentine
    • Valentine
    • Valentine's Avatar


  • Posts: 3121

  • Gender: Unknown
  • Birthdate: 17 Aug 1966
    • Since I accidently hit the caps lock key while entering my initial password, having it in the email was handy.
    Don't Drick and Drive.
    Moderators: WhateleyAdminKristin DarkenE. E. NalleyelrodwNagrijMageOhkiAstrodragonNeoMagusWarrenMorpheusWasamonsleethrOtherEricBek D CorbinMaLAguASouffle GirlPhoenix SpiritusStarwolfDanZillaKatie_LynMaggie FinsonDrBender
    Powered by Kunena Forum