Robert Walker wrote: > Marnen Laibow-Koser wrote: >> I agree with Hassan here. I actually don't *mind* being asked to pick a >> username, but e-mail address should be fine. On a site I don't use >> much, I'm less likely to forget my e-mail address than an arbitrary >> username. > > What happens when the user doesn't remember their password? > > Site designers often assumes the user has access to the email address > used to setup the account. The site will then send a password reset link > to that email address. Oops, now the user has a problem, since they may > have no way to access a cancelled email account.
That is true whether or not the e-mail address is the username. In fact, I'd argue that if you're typing your e-mail address as the username all the time, you're *more* likely to keep it current. [...] > > We really need to migrate away from the username/password INSANITY. What insanity? What the heck is wrong with the current system, other than that it's worked for decades and can no longer be considered shiny and new? What problems are there that need fixing, in your opinion? > Work > is being done to resolve this, but we have a long way to go. OpenID, > OAuth, etc. are the path forward. Not really; they solve different problems. OpenID is basically SSO, and OAuth appears to be mainly for API authentication (and annoying developers :) ). Neither provides a general solution. > Let all help to get there so we can > get out of this username/password hell. I'm not in hell. Why are you? Best, -- Marnen Laibow-Koser http://www.marnen.org mar...@marnen.org Sent from my iPhone -- Posted via http://www.ruby-forum.com/. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-t...@googlegroups.com. To unsubscribe from this group, send email to rubyonrails-talk+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.