Forgotten password interaction design

July 28, 2009 2 Comments

I’m working on a Register, Sign up, Join or whatever you think best to call it process for an online application. Where I’m at now (after deciding to go with “Join” by the way) is what’s the best process for those who have forgotten their password. As I currently see it (from testing some) there are three main ways to do it (please let me know if there are others worth considering) and these are:

  1. Emailing the current password to the user,
  2. Emailing a new password to the user and asking them to change this when they come back to the site, and
  3. Emailing the user a link which they click on and then reset their password on the website.

Now my preference is for the easiest option, number 1, in that it is the easiest and simplest user experience. I do however realise it’s not the most secure but this is where it gets murky for me. I realise that emails are not very secure and can be easily intercepted but my feeling is that if someone can intercept an email then none of those proposed approaches is secure so go with the easiest for the user.

The only thing I can think of is that in options 2 and 3 the password is not actually known by the service – that it is somehow encrypted in the database and can not be pulled out and converted to text as such?

Your thoughts, preferences, views and expertise would be appreciated.

Poor form design at afl.com.au

July 23, 2009

This would have to be one of the worst forms I’ve had to fill out. I don’t think a designer had any involvement in that.

AFL Online Order Form

Google Chrome – Tab Labels

July 1, 2009

I found the labels on the tabs in the options screen of Google Chrome amusing. It’s nice to see personality in an interface.