11 Star Authentication by

Signing up for and logging into websites in is a huge pain. I’ve seen my parents experience visceral discomfort when presented with a username/password form. The anticipated cognitive stress and disappointment, embarrassment, and frustration when they can’t remember their login information is the antithesis of a good user experience.

Inspired by the first Masters of Scale Podcast episode Handcrafted With Brian Chesky Co-founder, CEO at Airbnb let’s see what a better sign up/log in experience might look like:

  • ⭐: You try to sign up or log in and can’t figure out how.
  • ⭐⭐: You see a button to sign up but it doesn’t work.
  • ⭐⭐⭐: You find a form to sign up. You fill it out and press “submit” but it doesn’t work and all your information got cleared away - your password needed a capital and lowercase letter and a special character. You try a few more times with different passwords you use frequently and eventually get the right one. The website probably stored the extra passwords you typed in to sell to hackers. When you come back to the website it forgot you and you have to re-enter your email address and password again. You don’t get the right password and click “I forgot my password”. Your password is sent in plain text.
  • ⭐⭐⭐⭐: You click a prominent “sign up” button are taken to a short name, email, password, confirm password form. You fill it out and press “create account”, then are taken to the login page. You type your email and password into the login page and are logged in. When you come back sometimes it remembers you and sometimes you have to re-login, but the login form remembers your email address.
  • ⭐⭐⭐⭐⭐: You click “sign up” in the top right of the web page and get taken to a login form with just email and password. You fill out this form with your usual password, click “sign up”, and you’re logged in automatically. You only need to re-enter this password if you log in from another device.
  • ⭐⭐⭐⭐⭐⭐: You click “sign up” in the top right of the web page and get taken to a login form with just email. You type in your email address and get asked to enter a code you were emailed. You check your email on your phone, enter the four digit code, hit enter, and are logged in. You click a link that was in the email sent to your phone and are logged in on your phone too.
  • ⭐⭐⭐⭐⭐⭐⭐: You click “sign up” in the top right of the web page and get taken to a login form with phone number and email and you only have to enter one (but you can enter both). You type in both and get asked to enter a code you were emailed and texted. You get an SMS alert on your phone with the code, enter it in the form, and immediately after you enter the fourth digit you’re logged in. When you come back to the website you can enter either your phone number or email address and whichever one you enter you get the code (with a magic login link) sent over email and sms.
  • ⭐⭐⭐⭐⭐⭐⭐⭐: TODO: start using and enter data => sign in => sign in later a different way and they link
  • ⭐⭐⭐⭐⭐⭐⭐⭐⭐:
  • ⭐⭐⭐⭐⭐⭐⭐⭐⭐⭐: You load a webpage and get personally greeted by the person that made it. She’s already set up your account for you and added your devices as trusted devices, so you’ll never need to log in. If someone steals your phone or laptop, biometric sensors lock your entire device, so your website account stays secure.
  • ⭐⭐⭐⭐⭐⭐⭐⭐⭐⭐⭐: You never interact with webpages, only human personal assistants. Your assistants know who you are and figure out a way to do what you want.

Somewhere between 4 stars and 11 stars lies a sweet spot of feasibility and user experience.