IA Summit: Re-experiencing information

by Luke Wroblewski April 13, 2008

At the 2008 IA Summit, Lucas Pettinati presented some of his learning’s redesigning the Yahoo! registration process in his Re-experiencing information: Dealing with user-submitted data talk.

  • What is the context for registration? People want instant gratification. It’s fairly easy to switch providers –low barriers to entry for online services. People will lie to protect their identity. Remembering account details is difficult.
  • In order to establish an effective design, need to embrace user needs & leverage their natural behavior
  • Different structures for user registration. Pre: needs unique identifier. Post: encourages return transactions. Immersive: promotes usage. Part of the way you use the product.
  • Connecting with the user: build trust so can get factual data within the system
  • Error & help text: fun, approachable angle to ease people into it
  • Only ask necessary questions
  • Only need unique identifier for communication: aol, gmail, etc.
  • Banking & Finance: needs identifier for increased security
  • Commerce: no meaningful ID needed for commercial transactions
  • If going to use a unique identifier, make it easy for people. Use email or a common ID method for registration if you do not need a unique identifier
  • Respect your user’s locale: get message to international users that a localized version of site content is available.
  • Use CAPTCHA wisely: Provide audio version for the visually impaired, allow user to request a different image, Use CAPTCHA to protect commodities like usernames
  • Online circle of life: register, user, forget account information
  • Build a relationship prior to or with registration
  • Be personable: use humor if appropriate
  • Explain the value of questions if they may be seen as out of context
  • Use an immersive registration process when possible

Account recovery mechanisms

  • Email: quickest, assumes people have control over email
  • Challenge/response model: prone to repeated errors because people lie, works best when information is up to date
  • Forensic: confirms account activity and details in order to reset password: verifies actions only known by the account owner, safest method, most difficult to implement
  • Email recovery: put the user in the control. Need to ask for email address from user. Confirm where it is sending
  • Challenge/recovery questions change over time.
  • Users want to retain privacy and may be worried about ID theft
  • Put the user in control of account recovery
  • Remind users that their account may contain old information
  • Use human support when possible