views:

364

answers:

5

For a web application, which is the better option?

Usernames has to rely on an email for the person to recall later. Conversely, it's rare for a user to use multiple usernames for a particular web application. Also, sending details back to the user's email gives a certain level of security.

Email on the other hand has additional related problems - Most users have multiple email ids and invariably multiple accounts get created. Merging those accounts become a huge headache. Conversely, using an email as a login identifier has the advantage of external authentication via OpenID.

What would you suggest?

+5  A: 

I would suggest OpenID. You dont have to worry about encrypting and saving users password, security etc ;-)

Edit: Openid has some Pros and Cons

Shoban
@ Shoban hey cabn you please explain this OpenID,how does it work and how can i integrate it with my web application
Sam Rudolph
So would I, but it doesn't mean you don't have to worry about security — this is what the very idea of logging in is about. Regardless for the key.
Michael Krelin - hacker
@Sam check this question : http://stackoverflow.com/questions/42407/how-do-i-implement-openid-in-my-web-application . Has all the info you need.
Shoban
Sam, try openid.net ?
Michael Krelin - hacker
@ hacker can this OpenID be usable in java application?
Sam Rudolph
@ hacker actually i am looking for the solution for java applicationcan you tell me how can i setup this service in my application?
Sam Rudolph
Sam, it's language-agnostic. Yes, there are libraries for java, php, ruby, python, c++, c#, and, probably, the rest of them languages. The only requirement for OpenID consumer is to be a web application.
Michael Krelin - hacker
Sam, you may want to read this one - http://www.plaxo.com/api/openid_recipe
Michael Krelin - hacker
@Sam did you check the link in my comment??
Shoban
@ Shoban just now i read it..thanx for the help
Sam Rudolph
A: 

I prefer email myself, it's easier to remember and usernames I like are not always available.

JYelton
A: 

My first suggestion is OpenID. Right next to it, email login.

There is the article, a step by step guide to enable Open ID.

But with a little search on google, I'm sure you can enable OpenID using Google accounts, Yahoo accounts, and other providers.

Regards.

Fábio Antunes
+2  A: 

It actually depends on your application and its functions.

If you have some kind of email messaging system, then taking email id for login is a bad bad idea (for both user experience and business).

But if its just some kind of blogging and photo publishing, then email id is fine.

Bottom line is - Usernames scale better than emails and to my experience, most people prefer user names. To them email id is for communication not for authentication, and their emails keep changing from company to company.

Ohh please, OpenId is more a headache than a utility. Always remember when you "own" things, they scale better. But anyway it all depends on your app.

Arpit Tambi