A while back, I got an invite from a friend to join Weasyl, an art site like DeviantArt. Here’s my experience:

  1. get an invite email. Yay! Now I can sign up.
  2. Click through to a signup page. They made me enter a username, password, email (?) and DOB (?) and annoying CAPTCHA
  3. Fill out the form info and hit enter. Oh no! My username was taken. Try again with a different username
  4. password must have a number. There must have been some small text I didn’t read
  5. password must have an uppercase letter. :/ Seriously? What is this, a bank website?
  6. The email I entered wasn’t invited. Yeah, I used a different email; one I use for social networks. Why was I asked for an email when I just clicked through from being invited via email and there was only one right answer?!

I stopped there. On my site, GaymerConnect, it’s one form, on the very first page you hit: email, password, confirm. Everything else you can change / setup later. Once you enter that stuff, you’re IN. Also, Rails has pretty decent antispam built in, with auth tokens and utf8 protection, that are invisible to the user. On non-rails sites, I do the same thing with javascript. Just setting a form parameter on pageload with JS and checking for it server-side will eliminate >90% of spam submissions.

Today the site went into open beta. I figured I’d give it a shot. The process:

  1. Go to the site, click signup
  2. Enter username, annoying CAPTCHA, password, confirm (checked all the little-text this time), email, confirm (really?), DOB with annoying javascript thingy (is it 1 / Jan / January? no way to tell when tabbing into it)
  3. username taken - did my username register after all? no “forgot password” button here - only links back to the main page :/
  4. forgot password page: username, email (?), DOB (?) - why enter all this? I should be able to enter my email, get an email with my username and / or a password reset link. Whatever, enter all the info.
  5. email incorrect - did I use the other email?
  6. Nope - somebody else is using my name on the site (happens now & then, no biggie) No link to registration page, plus I’d have to re-enter all my info.

Welp, that’s all the effort I’ve got for it today.

Signing in should not be this hard. And especially not for a social network thingy. I don’t need to two-factor auth or impossible-to-remember passwords for an art sharing site. In Rails, signin is a solved problem thanks to Devise. I’m not sure what they’re building the site with, but I would think any serious framework at this point could make signin a lot less complicated.

Maybe I’ll still sign up at some point; but my initial experience with the signin process makes me worry that the site is crufty (pages that only display a confirmation message, without links to where I need to go), hard-to-use (am I going to have to CAPTCHA on every upload? every favorite?), and frustrating. So maybe not.