I am developing an online site to which access will be sold at college bookstores. Students will purchase a card at the bookstore with an access code that they may then use to register online at our site.

I want to make the code as user friendly as possible. I personally hate registering for a product and having to type in a registration key 5 times because it's ambiguous.

Can anyone point me to resources describing best practices for designing the format of the code itself? Obvious things spring to mind-- don't use zeroes or the letter O, don't make it case sensitive, include some kind of checksum. I don't want to be creative here, I need a recipe for what must be a problem solved many times.

A: 

It really depends on how much security you need. A few ideas come to mind.

If you want something really simple you could generate simulated credit card numbers; students are adept at using these four-digit combinations, and they can be checked with a Luhn algorithm.

If you want something a little stronger you could generate a GUID, and use that as the code.

If your website can send emails you can ask the student for their email address, and send them a challenge/response email. Then you don't need codes at all. Their email address is the code.

Robert Harvey
thanks - good tips. Security is one part of it, but I'm mostly concerned about ease-of-use. They are prepaying for access to the system. I want them to take the code and have it be easy to get started. I don't want them to get hung up on mistaking zero for letter oh, for example.
Will Glass
+1  A: 

Joel Spolsky had some good insights into solving this problem in one of the recent StackOverflow podcasts. I believe the episode was #49; you should download the podcasts or check out the transcripts at https://stackoverflow.fogbugz.com/default.asp?W4

Dealing with 0 (number) and O (letter) mixed in a key is really annoying as some fonts make it hard to distinguish the two.

Other usability concepts such as groups of three being easier to deal with and remember than a single number are good to be aware of. For example, 345-829-817-432 instead of 345829817432.

By the way, 345-829-817-432 gives you 12^10 permutations, and even the smaller number 345-829-817 gives you 9^10 permutations which may give you enough strength depending on your situation.

Bye,

bn

bn
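
An added example, not part of the original answers: one way to combine the suggestions in this thread (no ambiguous characters, case-insensitive entry, groups of three, a Luhn-style checksum). The alphabet, code length and function names are assumptions of this example; the check character uses Luhn mod N, a generalization of the Luhn algorithm mentioned in the first answer.

```python
import secrets

# Assumed alphabet for this example: no 0/O, 1/I/L or U; 30 symbols.
# Luhn mod N needs an even N to catch every single-character typo.
ALPHABET = "23456789ABCDEFGHJKMNPQRSTVWXYZ"
N = len(ALPHABET)
PAYLOAD_LEN = 11          # random characters; the 12th is the check character


def _luhn_sum(chars, factor):
    """Luhn mod N sum, walking right to left, starting with `factor`."""
    total = 0
    for ch in reversed(chars):
        addend = factor * ALPHABET.index(ch)
        total += addend // N + addend % N   # digit sum in base N
        factor = 1 if factor == 2 else 2
    return total


def check_char(payload):
    """Check character that makes payload + check pass validation."""
    return ALPHABET[(N - _luhn_sum(payload, 2) % N) % N]


def normalize(user_input):
    """Case-insensitive; ignore hyphens and whitespace the user typed."""
    return "".join(user_input.upper().replace("-", "").split())


def is_well_formed(user_input):
    """Typo check only. The server must still look the code up as issued."""
    code = normalize(user_input)
    if len(code) != PAYLOAD_LEN + 1 or any(c not in ALPHABET for c in code):
        return False
    return _luhn_sum(code, 1) % N == 0


def new_code():
    """Random code from the OS CSPRNG, printed in groups of three."""
    payload = "".join(secrets.choice(ALPHABET) for _ in range(PAYLOAD_LEN))
    code = payload + check_char(payload)
    return "-".join(code[i:i + 3] for i in range(0, len(code), 3))


if __name__ == "__main__":
    code = new_code()
    print(code, is_well_formed(code), is_well_formed(code.lower().replace("-", " ")))
```

The check character lets the registration form reject a mistyped code immediately; redemption itself still has to match a code that was actually issued and has not been used.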