Skip to content
  • Digital Marketing
    • Content Marketing
    • Copywriting
    • Email Marketing
    • SEO – Search Engine Optimization
    • eCommerce
    • Web Design
    • Web Development
  • Demand Generation
  • About
Menu
  • Digital Marketing
    • Content Marketing
    • Copywriting
    • Email Marketing
    • SEO – Search Engine Optimization
    • eCommerce
    • Web Design
    • Web Development
  • Demand Generation
  • About
Contact
Web Design and Web Development | MagicLamp
  • Digital Marketing
    • SEO – Search Engine Optimization
    • Content Marketing
    • Copywriting
    • Email Marketing
    • eCommerce
      • eCommerce Web Design
      • eCommerce Web Development
      • Benefits of a Professional eCommerce Web Developer
    • Web Design
      • Mobile & Tablet Web Design
      • Web Design for eCommerce
      • Web Design for Lead Conversion
    • Web Development
      • Web Development for eCommerce
      • WooCommerce and WordPress
      • WooCommerce Web Development and Customization
      • WordPress Experts
  • Demand Generation
  • About
    • Webmail
    • Portfolio
    • Blog
    • Web Development Staff
    • Web & Internet Infrastructure
    • Call Us @ 877 923 4678
  • Contact

Don’t use email addresses for logins!

Why?

From a discussion on Slashdot:

pros for using email as login:

1. guaranteed unique, though you’d be a fool to not have check.
2. users forget it slightly less
3. you have to send verification/password anyway

cons for using email as login:

1. What if a user has more than one email address?
2. Email addresses make reasonable unique keys, but slow indexes, especially since many are very similar
3. users may use disposable [spamgourmet.com] email addresses and suddenly you cannot contact them

However, if you read what prompted the discussion in the first place:

“CNet is running a story about how spammers and phishers can learn about our surfing habits to better target their attacks. According to the article, web sites that use e-mail addresses as IDs are vulnerable to attacks that could leak their users’ email addresses. These attacks are performed by requesting a password reminder for an address or trying to register with it.”

You begin to see other problems more related to security and privacy, rather than just design/implementation issues.

The best quote though:

“Here’s another one, and it ties into the original posting: it’s the same problem as using biometrics for identification: using an ID or password that’s hard to change. You don’t want to use that kind of ID casually, because you want to make sure that people who have your ID have an incentive to be at least as careful with it as you would be.

If you use your thumbprint to pay for a drink at a bar, how good a job do you think the bar is going to do about making sure someone else doesn’t game their sensor with a bit of latex on their fingertip? If someone steals your credit card, you can cancel it and get a new credit card. If someone steals your thumbprint you’re hosed.

This is the same kind of thing. If someone finds out that there’s someone with the handle “fishdan” on slashdot, they don’t have anything useful. If they have your email address, they have something useful that’s hard to change (look at me, I’m using year-tagged email addresses and I’m thinking of going to month tags). Plus, if you DO change your email address you have to change it EVERYWHERE (which is why I’ve got spam filters that reject entire countries for my main email address… because I’ve had it for about as long as personal domains have been available and I’m really loath to dump it).

And because of all this, what this means is that all email addresses have to be treated as disposable, even the supposedly private ones you use for account registration only. Which means that now your email address has the same problem as any other name: you have to remember a bunch of them, you have to remember where you used them, and if you only keep ’em long enough for the verification you can’t relogin with the old address.”

Ultimately, you can’t treat email addresses as a no-collision domain, and worse, you have to treat them as disposable.

 

Tags
Adaptive Design (1) Awards (1) CRM (1) Cross-indexed merchandising (1) Custom CMS (1) Customer Expectations (1) Customer Service (1) Custom Theme (2) Digital Marketing (7) Faceted Classification (3) Graphics (3) HTML (1) IIS (1) Internet Explorer (1) Locator Integration (1) Magic Shopping Cart (1) Merchandising (1) Minimalist Design (3) Mobile Optimization (3) Online Credibility (1) PayPal (1) Programming (1) Responsive Design (3) Security (2) SEO (4) Social Media Integration (1) Spam (1) Tags (1) Usability (4) Visitor Conversion (6) Visual Appeal (3) Web Development (10) Web Fonts (1) WooCommerce (1)
Articles and Reviews
  • Science Fiction or Science Future? Web Design Meets Mobile Tech
  • The Future is Mobile: Which Kind of Responsive is Right for You?
  • Graphic Possibilities With Open Source Web Fonts.
  • Faceted Classification Part 3: The Power to Merchandise
  • Faceted Classification Part 2: Doing It Right
Ready to talk to us?

We are an account based marketing agency.

Twitter Facebook-f Linkedin

Digital Marketing

  • Demand Generation
  • Search Engine Optimization
  • Content Marketing
  • Copywriting & Messaging
  • Email Marketing

Websites

  • Web Design
  • Web Development
  • eCommerce
  • Mobile Design
  • Woocommerce

About

  • Portfolio
  • Staff
  • Blog
  • Infrastructure
  • Contact

©2022 MagicLamp Inc. -- All rights reserved

Made with ❤ by Elementor

Posting....
Scroll back to top
We use information collected through cookies and similar technologies to improve your experience on our site, analyse how you use it and for marketing purposes.
Privacy Policy

Your privacy settings

We and our partners use information collected through cookies and similar technologies to improve your experience on our site, analyse how you use it and for marketing purposes. Because we respect your right to privacy, you can choose not to allow some types of cookies. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer. In some cases, data obtained from cookies is shared with third parties for analytics or marketing reasons. You can exercise your right to opt-out of that sharing at any time by disabling cookies.
Privacy Policy
Allow all

Manage Consent Preferences

Necessary
Always ON
These cookies and scripts are necessary for the website to function and cannot be switched off. Theyare usually only set in response to actions made by you which amount to a request for services, suchas setting your privacy preferences, logging in or filling in forms. You can set your browser to block oralert you about these cookies, but some parts of the site will not then work. These cookies do notstore any personally identifiable information.
Analytics
These cookies and scripts allow us to count visits and traffic sources, so we can measure and improve the performance of our site. They help us know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies and scripts, we will not know when you have visited our site.
Embedded Videos
These cookies and scripts may be set through our site by external video hosting services likeYouTube or Vimeo. They may be used to deliver video content on our website. It’s possible for the video provider to build a profile of your interests and show you relevant adverts on this or other websites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies or scripts it is possible that embedded video will not function as expected.
Marketing
These cookies and scripts may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies and scripts, you will experience less targeted advertising.
Confirm my choices Allow all
Verified by ConsentMagic