Tuesday, November 8, 2016

Login form authentications

We have been using login forms from many many years now. As the web is continuously evolving these form have gone through many unnoticed changes over all these years.

There was the first era of showing fields like username, password, remember me, forgot password, need help, reset, and an anonymous question mark which was too much to think about and proceed with the login process.

Gradually, these forms have become shorter and shorter with only username and password fields because that's what the user is actually interested in using as interaction elements to accomplish the task.  

The validation process:
Ever since beginning websites do validate both the username and password fields, but there are another type validation requirements; such as, for security reasons some websites don't validate usernames; the login process is only completed after typing a correct password.

In such cases we face some common questions like:
1. Should I use the current trend of showing username on first screen and password on second screen?

2. What will happen if the authentication fails on second screen?

3. Should we redirect the user to first screen with a message 'your username or password is incorrect'?

4. Or should we use the traditional username and password fields on same screen and then so the failure message, and if we do which field should have a focus?

A lot to think on....

The best bet here would be to use the traditional login form with username and password fields placed on same page with a forgot credentials link in case if the user doesn't remember his credentials (username and password both), and a signup link for new users.

What about the focus?

Well, when you are not validating the username field there is no point in keeping the typed username in the field after validation error as there is a possibility that the username also could be wrong. So it's best the system resets the form entirely with a focus on username field.