An expert in digital strategy, Jeff brings meticulous energy to the creative world through intentional design that works as well as it plays out on the screen. Intuitive form and function are his trademarks, finely honed through twenty years spent designing digital experiences that connect and inspire.
Over the past 20 years I’ve built content management systems, social media platforms, auction sites, software for photographers, apps for musicians, and many, many more.
And what’s the one feature they all have in common? A login system.
Design considerations
You typically need a signup screen, a login screen, and one or more screens in the backend for users to update their information such as their password.
With a standard login system, you’ll need the functionality to allow users to reset their password if they've forgotten it, because you probably don't want to be manually resetting passwords for users.
There's usually some transactional email that will need to be designed as well, such as an email confirmation, a welcome email, or a password reset email.
One thing that has gotten a lot of attention recently, with a new rule from the FTC, is that if this is a subscription service, it must be as easy for users to cancel as it is to sign up. We need to factor this into our design as well.
By now, we have a pretty firm grip on the design requirements. Most of these are time-proven features, like a steering wheel on a car, so users know what to expect. I know you’ve seen many signup and login screens. However, technology has been changing the options available for signup and login.
Social login has been available for over a decade, which provides the convenience of allowing users to use their credentials from platforms such as Facebook, Google, or others.
With regard to security, we've seen several new trends appear, such as passwordless login and multi-factor authentication (MFA). These are aimed at solving the problems that a password system introduces, such as unauthorized access.
What do users really want?
Data shows that the majority of users still prefer a standard login system over passwordless and social login, although the margin is narrowing. Companies seem to be forcing MFA on us, but do users actually want this?
I personally get annoyed with having to open up an authenticator app on my mobile device or wait for a code in an email. MFA is inefficient to me, and instantly affects my mood when logging into platforms that require this. In fact, when possible I will even try to avoid platforms that require it.
The same is true with passwordless options that send an email or SMS message: you run the risk of frustrating users. The only exception is fingerprints or face recognition—those can be easier than passwords and I will choose those over multi-factor, but there is a downside.
This may get me in trouble, but sometimes you do need to share your login with someone, and a standard password login system wins. There are plenty of good reasons why—you're working with a team, you have a spouse, etc…
I understand why the password system can be problematic - the main reason is that users choose insecure passwords, like “password123” or use the same password for everything.
While we can't prevent that, we can ensure that users choose secure passwords by enforcing rules at signup, such as a minimum number of characters and a mix of uppercase, lowercase, numbers, and special characters.
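As an added example (not code from the original post), here is one way to enforce those rules at signup. It also flags passwords built on a few well-known words, because "Password123!" satisfies every composition rule on its own. The minimum length of 12, the small word list, the username check, and all names in the code are assumptions made for illustration.

```javascript
// Added example: signup-time password policy check (not from the original post).
// MIN_LENGTH and COMMON_BASES are assumed, constructed values.
const MIN_LENGTH = 12;
const COMMON_BASES = new Set(["password", "qwerty", "letmein", "welcome", "admin"]);

// The rules named in the text: minimum length plus a mix of character classes.
const COMPOSITION_RULES = [
  ["min_length", (pw) => [...pw].length >= MIN_LENGTH],
  ["uppercase", (pw) => /\p{Lu}/u.test(pw)],
  ["lowercase", (pw) => /\p{Ll}/u.test(pw)],
  ["number", (pw) => /\p{Nd}/u.test(pw)],
  ["special", (pw) => /[^\p{L}\p{Nd}\s]/u.test(pw)],
];

// Reduce a password to its base word: lowercase it, strip the digits and symbols
// users add at either end to satisfy the rules, then undo common substitutions.
function baseWord(pw) {
  const subs = { "0": "o", "1": "l", "3": "e", "4": "a", "5": "s", "@": "a", "$": "s" };
  return pw
    .toLowerCase()
    .replace(/^[^\p{L}]+|[^\p{L}]+$/gu, "")
    .replace(/[01345@$]/g, (c) => subs[c]);
}

// Returns the names of every failed rule; an empty array means the password is accepted.
function checkPassword(pw, username = "") {
  const failures = COMPOSITION_RULES.filter(([, ok]) => !ok(pw)).map(([name]) => name);
  if (COMMON_BASES.has(baseWord(pw))) failures.push("common_password");
  const user = username.toLowerCase();
  if (user && pw.toLowerCase().includes(user)) failures.push("contains_username");
  return failures;
}

// Constructed sample inputs, including the weak password quoted in the text.
for (const pw of ["password123", "Password123!", "P@ssw0rd2024!", "Maple-Orbit-47-kiln"]) {
  const failures = checkPassword(pw);
  console.log(pw.padEnd(22), failures.length ? failures.join(", ") : "accepted");
}
```

Run the same check on the server even if the signup form validates in the browser, since client-side checks can be bypassed.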
Circling back around to social logins, I personally don't use those either. For me, it's harder to remember whether I've signed up via social login or direct signup. I use a password manager and have unique passwords for everything, and it’s just easier. But suppose I were to sign up for multiple platforms with my Facebook login, and somehow I lose access or my Facebook account is deactivated. That could mean that I would no longer be able to access any of the other platforms either. Most people don't realize that risk.
There are many important design considerations, and we are happy to implement the best solution for your unique situation. For example, if most of your users are between 18 and 35, having a social login would likely be beneficial.
Conclusion
Efficiency is always at the core of everything I do, and we’ve enjoyed great success with the platforms we’ve developed.
In a future video I’ll dive into what a login system looks like on the development side.
Would love to hear your thoughts on any of this!