May 30, 2017
Users Are Forgetful, but Not Amnesic
Many websites and apps let you sign up via social logins, signing up to the website/app using the credentials from popular social networks such as Facebook and Twitter, and rightfully so.
Who wants to go through the trouble of filling in a form, remembering yet another password and verifying their email address or phone number? Instead most would rather just do it in two clicks via a social login.
But there doesn’t seem to be a user-centred pattern of implementing a social login. We implement the social login solution to free user from certain tasks, but perhaps we haven’t looked thoroughly enough at the best way to implement this.
Don’t get me wrong; I’m not against social logins. It’s the way it’s implemented that I want to discuss.
Am I signing in or up?
Many websites use ‘sign in with Facebook’ or ‘log in with Twitter’ regardless whether the user is signing in to their existing account or creating a new one. Why confuse your users?
Gitlab, for example, have a section for social logins below their sign in and registration forms. Whether the user is on the ‘Sign in’ form or the ‘Register’ form the section says “Sign in with”.
Do I need to have an existing GitLab account linked to my social media account to be able to sign in using it? How do I register using a social media account? It’s not clear. Thankfully GitLab’s users are a bit more tech-savvy than your average user.
We are forgetful
Using a social login means as a user I don’t have to remember another password. Though it also means I have to remember which social login I use when I sign up to an app. Many apps include multiple social login options (e.g. Facebook, Twitter and Google). GitLab (shown above) uses 4, and I have accounts with 3 of these.
In case you forgot which one you used, it’s not clear to the average user what to do. There’s no guidance. There’s no ‘Forgot your password?’ equivalent.
It is actually easy to figure out which one it was. When you use a social login on a third-party app for the first time, you are asked to authorise the third-party app to access your credentials. If it’s not the first time, you log in straight away.
So in order to figure out which social network you used, you can try to log in with each and see what happens. If you pick Twitter, for example, and Twitter asks you to authorise the third-party app to access your information, then Twitter wasn’t the social network you used for sign up for this app.
Or you could look at the list of the authorised apps on your social media accounts (a lot of work).
Does the average user know this though?
Consider this: a user forgets which social network they used to create their account on a third-party app and they guess it was Facebook. They pick Facebook and get asked to authorise the app to access their Facebook profile information (they never used Facebook to log in to this app before), they confirm the authorisation (thinking they signed up with Facebook and authorising the app is a regular thing they need to do every time they log in) and end up with a new account. They have two accounts now (opps!).
They still have to find out which social network they used to sign up in the first place, then either merge the 2 accounts if the app allow such an option or delete the unintentionally created account.
What if they were aware that Facebook asking them to authorise the third-party app means they never used their Facebook account to sign up to this app? What if you told them? Shouldn’t you?
What if you told them? Shouldn't you?
Even if users are aware of the try-and-eliminate method and/or the fact they can check the authorised apps list on their social media accounts, you still should remind them. Even if they are aware that Twitter asking them to authorise an app means they never used their Twitter account to create an account on your website, you still should remind them.
Why? Humans forget.
I uninstalled the Medium app because of this. I created my account via the browser on my desktop using a social login and later decided to download the app on my phone. I indeed forgot which social media account I used to create my Medium account. The Medium app doesn’t let you access content unless you are logged in (another topic), so whenever you open the app even if it is through a link to a Medium blog post, you are asked to log in to access the content.
I also happened to forget the fact that a social network asks you to authorise an app when you try to log in to an app with said social network account for the first time. So I didn’t think of the try-and-eliminate method at the time. So every time I opened the app, I stared at the log in screen for a few seconds thinking if I pick the wrong social network, I would end up with two Medium accounts. I didn’t want two Medium accounts. So guess what I did? I closed the app every time. Eventually, I uninstalled the app.
From a UX point of view, I think there should be a way to help the user figure out which social network they used to create their accounts on third-party websites/apps from within the third-party website/app. Be it an automated method or by providing helpful tips.
So far the only app I encountered that put an effort into this is Line. Line allows you to log in with an email address (+password), a phone number or a social media account. I failed to log in with an email address and a password. So I thought I may have used Facebook to sign up. I chose to log in with Facebook, I was asked to authorise the app. At this stage I knew my Line account wasn’t connected to my Facebook account, but I authorised it anyway.
Then Line informed me (perhaps because I chose the ‘sign in’ option rather than the ‘sign up’) that I have never created an account with them using this Facebook account and whether I wished to proceed and create the account.
Bonus rant: I’m forgetful, but not amnesic
Ok so websites and apps allow users to use social logins because humans are forgetful (and lazy). However, I came across some that implement social logins in an unexpected way.
Below is a screen shot of Shahid MBC’s sign up form (it’s in Arabic). At the top you have a Facebook-blue button that reads “sign up with Facebook”. Then you have a horizontal line separating the Facebook button from the sign up form. By looking at it you would think that you have two options for signing up: 1-Social login with Facebook 2-Regular sign up form.
While the design suggests so, “signing up” with Facebook doesn’t actually sign you up. It just retrieves some of your information and fill in your name, email address and gender for you. It also makes these field uneditable. At the end, you still need to enter a password, your date of birth and a freaking captcha.
Instead of signing up to their free trial I chose to close the browser’s tab. I can be forgetful, but I’m not amnesic. I can enter my own name and email address. The reason I wanted to sign up with Facebook is so I don’t have to remember yet another password.
Shahid is just an example. I came across other websites that did the same thing. Interestingly, all these websites are middle eastern based.
Adding social logins to your app provides a great option for your users. Though, Social networks won’t do your work for you. Your app’s sign in/sign up/credential retrieval flow is still part of your user experience. Don’t neglect it. If you can help your users, do it. Users have better things to remember than whether they used Facebook, Twitter or Google to sign up to your app.