Bubble Foundry

The end of signups

by Peter.

Today Gawker announced that they’re letting people create anonymous ‘burner’ accounts. What is interesting is that all you have to do is pick a pseudonym and you’re good to go: no name, email, and age to input, no account verification. I think this low friction way of creating website accounts is how (almost?) every service should work.

I’ve actually take this approach with Game Later, and I’m very happy with how it works (a link for the brave, since it’s only designed for Rock, Paper Shotgun and is nowhere near prime time). Put simply, when Game Later is loaded I look for a single cookie containing a UUID. If it’s not there I create the cookie with a new UUID and create the associated User model in the database. That’s it.

That means that users can start saving game previews and reviews for later without any explicit signup ,and as long as they go back to the site in the same browser they’ll see their ‘laters’. I put the the UUID down at the bottom of the page along with the user-specific bookmarklet  so that in the future users can log into the account from another computer (manually editing the cookie in the browser is the only way right now but does work).

This is not a new idea, of course. If I remember correctly, Instapaper used to not require any signup – I do remember that you chose a username and didn’t need to have a password (and you know my feelings about passwords). I think a password was eventually required because of privacy issues (ie people guessing others’ usernames and viewing their reading lists or spamming them with entries). People naturally use the same simple names (I’m pr1001 on everything) and they’re easy to guess.

Generating a UUID removes the only step in the 1 step signup process (asking for a name) and also protects against privacy issues: people can’t chose predictable usernames, and a UUID isn’t (as?) predictable as a sequential numeric id. Of course, if you switch computers occasionally then a predictable username is much preferable to an obtuse UUID, though I figure that happens relatively rarely.

But doesn’t mean that there will be an explosion of ‘users’ in my database that aren’t connected to an active user? Sure, but database entries are cheap and it wouldn’t be hard at all to periodically clean up users with no saved games or who have been inactive for a long time. Likewise I could check the user agent when the page is requested and skip the creation of a user account when the site is loaded by Google or another crawler.