A Detailed Look at The Account Registration Process for Review, Comment, and Suggestion From All Users

in steemit •  3 years ago  (edited)

I've documented making an account with Steemit with a valid Reddit account and I am sharing it with everyone so we're all on the same page for comment and suggestions on improving the process. My account was originally mined but I wanted to see and document what most users go through to make an account. I did this so I could understand certain things like how much effort is required and how clear the instructions and warnings are for password creation and backup. I'm concerned about this because I've seen several people ask about password recovery, which is not an option on Steemit. These pictures of the UI are presented in order throughout the process.

Guest header

Without being logged in a person is shown this at the top of the Steemit page. It uses the tagline I first posted here so naturally I approve. What happened to "Welcome to the Blogchain" though? Is it trademarked? I thought it was clever. The Sign Up button takes you to the Sign Up dialog (same as the link on top) and Learn More takes you to https://steem.io. I think mentioning that the free account is worth money is great but with the market fluctuating it's hard to keep it accurate. I discuss this in the next section a bit more. Finally it has that X in the corner which is nice because once you've seen the message, it's nice to disable it and get it out of the way.

0

Sign Up dialog

1

This is a good dialog. I like the fb and reddit icons and colors used for the buttons. With the price of STEEM fluctuating (and new accounts, despite now starting with 5 SP, are worth over $10 right now), it's hard to keep a solid value of this. It could follow the Steem price feed, and drop all decimals to round it down to the nearest whole number. But if the price falls and the price feed lags behind the account won't be worth what it says it's worth. Maybe just drop the $2 value altogether or base it on an external API that is faster than the internal price feed?

I also think we're overdue to have the option to directly buy a Steem account from this dialog, with cryptocurrency. Not everyone has a Reddit account with enough karma or a Facebook account, and some might have them but don't want to use them to link to a Steem account for whatever reason. It seems like the already-existing Blocktrades integration would make this simple, though I know the web team has a lot of work on their plate right now.

Reddit sign in and authorization

2

Once logged in, you get this auth page which is nice and explicit in what they tell you you're allowing.

3

Steemit create account - Account name

I took it as a challenge to find all the disallowed account name messages that I could.

a
b
c
d
e
f
g
h
i

I probably still missed a couple. These are pretty good messages. A lot of sites will give a green checkmark or something similar when an account meets all the rules. It's not necessary, but it's a nice validation when you've tried a lot already.

Steemit create account - Passwords

When you hit the Allow button on Reddit you are taken back to Steemit, to this prompt.

4

Note that from the start, it says "Steemit cannot recover passwords."

Suggest a password for you

It also has the "suggest one for you" link. Clicking it gets this box:

5

"Please Make a Backup" might not be strong enough language :) Included is a small print link in the upper right, a bit too close to the close-dialog-X. I think this could be bigger and more centrally located, next to the header text. Then a fairly random-looking 21 character alphanumeric password.

When the X is clicked password suggestion box goes away and the password fields are autofilled. I'm not sure if that's a good or bad way to make sure the password suggested is used by the new user or not. You hope they printed it or at least copy/pasted it into a saved document. The fields are greyed out to prevent editing but the Clear Password link can be used to clear the fields and not use the suggested password.

6

Use your own password

7

A too-short password is met with this warning. One thing that I noticed is that the warning about not being able to recover passwords has disappeared when you start typing one in. This "Steemit cannot recover passwords" warning should instead get a few font sizes bigger, bolded, and turned the color red. And if <blink> tags still existed, those too.

It's only when you have the fields fully filled out with a matching password does the warning come back, this time looking a bit different. You wouldn't have seen the text about a secure location until now if you didn't click the suggest password link. I think this message needs more emphasis.

8

Account created

Click the Create Account button and after a second or so your fresh account is made and you are logged in and taken to your own blank blog page. It's sparse, unwelcoming, and probably confusing to many people. This could use improvement. Maybe a welcome splash popup with some links to FAQ(s) and guides. Stuff a new user might want to see.

9


I want to hear what other users of Steemit, new and old, have to say about this process, so it can be improved and/or streamlined. I think the issue of passwords needs to be very over-the-top explicitly addressed as people are very used to having a reset-password safety net.

Leave a comment if you have a single comment/critique of one thing or if you have something to say about everything. Also leave a comment about your personal experience with making an account: was it easy? Did you have trouble? Do you feel the warnings about the password backups were adequate?


If you like this or my other posts, click here for my blog page and hit the follow button in the upper right!

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

I absolutely agree with the passwords needing to be explicit that once you forget your password, sorry no dice. There have been some new people that found this out the hard way unfortunately.

Honestly, I think the 12 words recovery is the best option for Steem that other coins and HD wallets are using. That way, if all else fails, they for sure have a backup of their password hash.

Yeah I was really trying to stress the importance of password safety with this post https://steemit.com/steem/@will-zewe/if-you-re-new-to-the-crypto-world-and-now-find-yourself-in-possession-of-a-few-steem-steem-dollars-take-a-watch-on-what-you-can figured the newbies could use all the help and advice they could get.

use service such as lastpass so this problem could be resolved,it's like your storing your password in secure way and autofill any form

WHY STEEMIT COULD MAKE US TO BE A NEW ANOTHER WEALTHY PERSON:
https://steemit.com/steem/@afrizalaf/why-steemit-could-make-us-to-be-a-new-another-wealthy-person-in-this-planet

Totally agree pfunk; I sat with someone yesterday, while she created an account. I had to go completely overboard about using a unique password and saving it in triplicate.

It took about 2 minutes of me going overboard before she got it and agreed to keep it safe.

Is it possible to detect if the person copied it to clipboard?

If so perhaps a message saying "You have not copied this password, Steemit cannot recover passwords, if you lose this key, all potential profits will be lost, would you like to copy this to clipboard now?"

Then if they say no; an "are you sure screen" if they say yeah I'm sure, then an are you sure you're sure.

Then if they still say no, don't want to copy, then an "OK, on your own head be it screen."

I personally didn't get that when I signed up, but luckily I'm pretty disciplined with passwords after some very frustrating experiences.

CG

The biggest problem with all this is that Google, Facebook, banks and other similar sites all have the ability to recover or reset passwords. Might be a little bit of a pain to do but with a small amount of effort you can get back into an account when you forget your password. So the masses have been trained that password losses are recoverable. Only in the crypto world are people on their own safe guarding their wallets.

But more and more people coming to Steemit have little or no previous experience with crypto. So they don't understand that there is no help desk to call when they forget their password. That's the biggest problem, this is uncharted territory for them. They don't realize until it's too late that there is no fallback plan if they haven't made one themselves.

I concur. Since the steemit community is inviting the masses here, they must make the danger of losing your password explicit, bold, and crystal clear to the user at every step.

You can prevent copy / paste in browsers as far as I am aware.

Thanks for documenting this process. I agree with your findings re: the password issue, which has been cited in the past as a barrier.

We just deployed some changes based on your suggestions. The password warnings are visible at all times and should have stronger language now. We can put something on the Blog screen when it is empty. Do you have any suggestions?


Awesome! Images are 404 though

Just what was needed! Thanks. This will avoid heart-burns and make the transition to crypto pleasant for the un-initiated.

one thing!!! When i signed up had no clue that the username is not changeable. it pains me now a bit and i really can't make a new one given that i have all my sp here...maybe make this clear in big friendly letters as they say :)

Thanks for the reminder on passwords. With all the excitement of signing up and then trying to figure out what this was all about, I forgot to write mine down. Thank goodness, I still remember it. I registered through facebook and I was like a kid opening up a birthday present with my mom saying "Now don't forget to keep the receipt in case we need to..." "Yea, yea, mom..."

@pfunk it's a spot on review. I found it quite unclear as well. Now I'm preparing to do the neccessary changes and put it to the rest in a nice cold & dry storage;-)

On the forgeting the password suject... if/when 2 years down the road you want to power down forgeting your password with $1000's worth of SD! This would not be good. Everyone its very important you make a backup for your private key!

Interesting, and detailed assessment. I myself work as a technical writer and front-end web developer for a certain tech company (which shall remain nameless for sake of being shamed) and happen to agree with you pretty well across the board. I do not remember stumbling at any point during the login process, and might even go as far as to suggest they add in the ability to login through google and twitter as well.

This is very useful for other people, at least it looks good for beginners community here

https://xkcd.com/936/
I will just leave this here

Good job! (y)

Very nice attention to detail.

One way to mitigate the password issue is to help educate people on creating strong, memorable passwords. Strong passwords are great, but not necessarily good if you forget them for services like using Steemit!

One way to do this is to utilize a sort of "master" + "key" structure and use that across accounts. This involves coming up with a very secure "master" (which won't be too difficult to memorize since you're using it on many accounts) and then a service-specific, much simpler "key" which changes for each account. This way, the only thing you really have to remember is the key, and you can keep the master stored away or locked in muscle memory.

Thank you for such a detailed presentation of information. The material you have prepared were very useful to me.

I frantically tried to karma up on a new reddit account last night because of this process. I refused to create a new facebook(I had proudly deleted mine 5 years ago) But reddit was not cooperating and users were holding my positive karma ransom unless I gave away steam keys???! So I went on an old joke facebook acct and signed up through that. Hopefully steemit doesn't force me to use facebook at any point or I'll be forced back into my hole home in the shire.

I think it would be good UX to promote the use of a password manager in the registration process as well. If steemit.com was open sourced I would submit a PR. :)

The platform is developed and it pleases! All steem!

Thanks, nice information about back up the password

Good article, i particularly agree with the point on a welcome splash page for new members as it can be a little confusing when you are first plapped into the steem.

Nice Post :D

you wrote:

If you like this or my other posts, click here for my blog page and hit the button in the upper right!

How this FOLLOW button works. Can I see later posts only from people which I follow? Where I can find it?

The functionality is not yet implemented but I'm inviting people who want to to follow now so that when it is, they can see my posts.

Perfect! I will definitely share this link with all my family and friends I'm trying to bring to Steemit :D

Thank you!

It's not really a guide, it's a bunch of screenshots of the various parts of making an account so people can see it all as it currently is and comment. Many of the accounts with the most Steem Power never had to make an account this way, and most probably haven't tried it out. And others may have made an account earlier with a different interface.

follow

Great write up.

I'll share that I originally created a steemit account under my Reddit account. Then I wanted to change my username so I tried to create another steemit account under that same Reddit account. Of course, I saw the error that said I couldn't do that, but then I just went ahead and created the account anyway and it worked. So I'm not sure if that is by design or if there was a bug that allowed me to do that. I can only assume that I now have two steemit accounts linked to the same Reddit account OR my second steemit account is not actually linked to my Reddit account.

I understood about the password while sign up, but I do agree that people will overlook this unless highlighted significantly during sign up process.

Thanks for the info!

I have lost far less than I have made the last several years regarding "losing passwords". Eventually I learned to just memorize the keys if the account is important.

Login with VK.COM must have.

Great article