December 21, 2008

usability and the cakephp site signup

I decided today, since i’m writing here anyways, i would sign up to the cakePhp site and maybe do some cross posting for articles heavily focused on cake. the signup process was brutal.

I know that they are gearing it towards advanced users, but i’m an advanced user and still i can’t read the minds of other developers (all i hear when i read your mind is ’ ruzz, you’re the awesome’ and you say it with a chinese accent. weird).

let’s start with the actual sign up.

first problem i had was the real name field says it accepts punctuation, but errored out on me every time i tried to use my name: i. m. ruzz. small annoyance.

second, passwords. Am i creating a password that will store the secret locations of all my hidden money? no. am I dealing with highly sensitive information? no? why am i forced to use an industrial military strength password? these conditions exist:

  1. 6-15 characters. most sites do this now.
  2. at least one number (myspace does this)
  3. at least one capital letter (no one but the cake site does this)

listen. the truth about passwords is they belong to me, not the app. I’m the one charged with remembering them so I should have some say about it. I’d fully understand if you encouraged these strict rules, that’s good system administration. I can even understand enforcing them if there was real meaningful damage that could be done by cracking one. but let’s leave the ethereal world of password security and use some common sense. No one wants to hack my cakephp bakery account, and even if they did, what can they do? mess my articles up some? not vital but the password rules treat it as if it is. there’s a disconnect at play in the developers mind.

the real cost of this is on me. I will forget my one time crafted to meet your rules password and have to go through arcane and uncomfortable password recovery/reset routines if i rarely use the site, and this hassle makes me much less likely to use the site. period. truth. reality.

if the inner unix admin in you just can’t deal why not implement a password strength widget that gently nudges me towards your desire, but lets me have the final say, within reason.

so after doing that process. I actually had to reset my password due to a glitch and found something even more interesting in the new password they sent me.

it doesn’t comply with their own requirements.

this just pissed me off.

it was all lower case, no capitals. so they don’t have to be secure, but i do.
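An added example (not from the original post and not the CakePHP site's code) covering both points above: the three rules applied as advisory hints at signup, and a reset-password generator driven by the same policy so the issued password meets the site's own rules. The policy object, function names and character sets are assumptions.

```javascript
const { randomInt } = require("node:crypto");

// The three rules listed in the post. Object and field names are assumptions.
const POLICY = { minLen: 6, maxLen: 15, needDigit: true, needUpper: true };

// Advisory check: returns hints rather than rejecting, so the caller can
// show them as nudges and still let the user keep the final say.
function passwordHints(pw, policy = POLICY) {
  const hints = [];
  if (pw.length < policy.minLen) hints.push(`use at least ${policy.minLen} characters`);
  if (pw.length > policy.maxLen) hints.push(`use at most ${policy.maxLen} characters`);
  if (policy.needDigit && !/[0-9]/.test(pw)) hints.push("add a number");
  if (policy.needUpper && !/[A-Z]/.test(pw)) hints.push("add a capital letter");
  return hints;
}

// Look-alike characters (l, 1, I, O, 0) are left out so an emailed
// password is easy to retype.
const LOWER = "abcdefghijkmnopqrstuvwxyz";
const UPPER = "ABCDEFGHJKLMNPQRSTUVWXYZ";
const DIGIT = "23456789";

// Uniform pick from a character set using the OS CSPRNG.
const pick = (set) => set[randomInt(set.length)];

// Reset-password generator that reads the same POLICY as the signup check,
// so the two cannot drift apart.
function generateResetPassword(length = 12, policy = POLICY) {
  if (length < policy.minLen || length > policy.maxLen) {
    throw new RangeError("length is outside the policy bounds");
  }
  const chars = [];
  if (policy.needDigit) chars.push(pick(DIGIT));
  if (policy.needUpper) chars.push(pick(UPPER));
  while (chars.length < length) chars.push(pick(LOWER + UPPER + DIGIT));
  // Fisher-Yates shuffle so the required characters are not always first.
  for (let i = chars.length - 1; i > 0; i--) {
    const j = randomInt(i + 1);
    [chars[i], chars[j]] = [chars[j], chars[i]];
  }
  return chars.join("");
}

// Constructed sample: an all-lower-case password like the reset one described.
console.log(passwordHints("qwkzmvtr"));
console.log(passwordHints(generateResetPassword()));
```
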

once through that I customized my profile like all good users do (haha). and this is what i found.

I added the question mark for emphasis. I know what your first thought is, if i start typing something like mountain standard time it will auto lookup. no. wrong.

i just have to guess what they want is:

which does nothing after entering it but magically converts it after save. that’s friendly.

same deal for user icon. what do they want? an url?

i never found out what they wanted even after submit, it never gets rendered to anything that i can see. fun!

there was more but i have some work to do.