Nobody loves registering on a new site or logging in on one they have visited before  — on any type of device. Yet, on mobile devices registration and login are more painful than on a desktop, for several reasons:

  • Typing passwords is more difficult on mobile because it involves switching keyboards to access numerical or special characters. In fact, a study carried out at University of Munich shows that entering a password character on mobile takes almost twice as much time than on the desktop, and as a result people tend to create weaker passwords on mobile.
  • Users have trouble remembering passwords, and many still store them in physical files or on a computer. These won’t be available on the go.
  • Filling in forms is, in general, more error-prone on mobile.

In general, our first recommendation is to think twice about asking people to register or log in on mobile. For ecommerce websites, always provide guest checkout as an escape hatch.

If you must ask users to login or register, here are a few guidelines to make these processes easier:

  1. For most apps/websites, login or registration should be optional and as many features as possible should be available without logging in.

In This Article:

Registration

  1. Explain the benefits of registration. What do people get by creating an account?
  2. Offer alternative methods of registration such social login or Google login. Not everyone will use these, but those who are willing to do so will be able to register more quickly and, because they will use a much-rehearsed password, will be more likely to remember it and less likely to make mistakes while typing it.
  3. Ask only for the minimum amount of information in the registration form. Ideally, email and password should be enough. Avoid asking for date of birth or other information that is not absolutely essential. If users want to get more benefits by providing additional information, they should be able to do so by editing their profile.
  4. Make the password visible. When people can see what passwords they type, they make fewer mistakes and they can review their password once entered.
  5. Disclose password constraints upfront. Nothing is more annoying than having to guess what the site’s password requirements might be, and later discovering that you guessed wrong.
  6. Display a strength meter. It will give people real-time feedback about the passwords they choose and prompt them to create stronger passwords.
  7. Do not repeat fields (e.g., two password fields, two email fields).
    Typing passwords is painful enough; typing them twice is twice as painful. Instead, allow people to see passwords (and emails) in clear to check for errors. And, at the end of the registration process, you can show a confirmation page presenting both the email they selected and the password they typed.
  8. Do not ask users to confirm their registration through email.
    Switching applications can disorient users and can raise roadblocks that ultimately may prevent them from attaining their original goal (which is never to register on your site). If you must confirm credentials, do so by sending users a code in a text message instead of a link through email, because that code will be easier to type without switching contexts, just by glancing at the notification displayed at the top of the screen.

Login

  1. Allow people to use fingerprint authentication (such as TouchID) to log in.  This method will remove most pain from the login process.
  1. Offer the option of showing passwords in clear. However, unmasking does not need to be the default for login. Although we advocated for this practice for a long time, only recently sites and apps have started adopting it, and some users can feel unsecure when seeing the password characters in clear. That is why, at this stage, we recommend masking the password by default and presenting users with a Show password checkbox that allows them to unmask it.
  2. Include a Forgot password? link. Rarely used passwords are forgotten, and recovering them should be available on any device.

Conclusion

Think twice before forcing users to register or login on mobile. If that is an option you offer, follow our guidelines to help people go through the process as painlessly as possible.

Learn more about making mobile websites and applications usable in our course on mobile user experience.

References

E. von Zezschwitz, A. De Luca, H. Hussmann. 2014. Honey, I shrunk the keys: influences of mobile devices on password composition and authentication performance. In NordiCHI '14. http://doi.acm.org/10.1145/2639189.2639218