Since its inception, Instapaper has had a famously simple, one-field registration form:
The username can be anything, and there’s no password. You can always set a password in the Account panel, but every new account is registered without one.
To date, 23% of accounts have been registered with usernames that aren’t email addresses, and 82% of accounts don’t have passwords.
But now, after a lot of consideration, I’m changing it to be more traditional:
- New account usernames, and future username changes to existing accounts, must be email addresses. (I don’t care whether they’re real.)
- New accounts will have passwords, and it will no longer be possible to remove passwords on existing accounts. There are no strange requirements — passwords just need to be at least 1 character.
Problems with non-email usernames
Many of Instapaper’s top support issues are caused by the difference between email addresses and usernames:
- Usernames are much harder to remember than email addresses when people return to the site. Most people have only one email address, but if prompted to create a username, they may choose one of several that they routinely use.
- People often forget whether they signed up with a username or an email address, or they think “username” means the part of the email address before the “@”. They’ll type e.g. “firstname.lastname@example.org” once and just “myname” the next time, resulting in duplicate account registrations and confused customers.
- In some cases, someone has mistakenly logged into someone else’s account because they both chose the same common-word username.
- People with non-email usernames will often forget their passwords, but without knowing their email address, Instapaper can’t send them a reset-password link. Automated password resets aren’t possible at all for the 5% of customers who have passwords but non-email usernames.
There are other drawbacks as well, most notably that I can’t easily create email-based features.
Problems with having no passwords by default
Originally, the rationale behind this was that choosing a password was just a barrier to registration, and since Instapaper isn’t storing any sensitive or valuable data and there’s no reason to share your username publicly, the risks of password-less accounts were too low to matter.
But this creates other problems:
- It’s possible to accidentally log into someone else’s account with a similar username. (See above.) This could result in accidental or intentional destruction or alteration of someone else’s data.
- On login, people are often confused by the presence of the password field since they never set one, and this slows them down, scares them, or discourages them. (The behavior has always been that any entry in the password field for non-passworded accounts would work, which helps, but it’s still a problem.)
- I can’t responsibly encourage people to share their usernames with others unless they’ve set a password, because unscrupulous opportunists could search for these mentions and hijack any non-passworded accounts among them.
Username flexibility and defaulting to no passwords have made registration smoother and easier. But they cause enough problems, especially on future logins, that I no longer believe that they’re worth the registration benefits.
I’ll be updating the login form in the website and the iOS apps with the new requirements in the near future.
Accounts without passwords, or with non-email usernames, will continue to work indefinitely, but I may soon prompt those account holders to set passwords or change their usernames to email addresses.
I know this is a minor inconvenience, but it’s best for Instapaper and its customers. And once the transition is complete, I’ll be able to take advantage and deliver some great new features.