Authenticating Using Email vs UserName [closed]
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 11 years ago.
开发者_如何学Go Improve this questionwitch is better ? using Email as UserName or using unique UserName to authenticate user. what is your idea ?
You can use email as the username so you cut down the number of fields in your database. The problem with this is that if a user wants to have different accounts with the same email, he wouldn't be able to do it. If you don't care about this, you can easily use the email.
The most user-friendly solution is to use the minimal (yet still secure enough) number of data to sign in into the service.
So, basically, using email address to sign in is the better idea.
This has not much limitations when signing up multiple times (you can use one account to sign in multiple times eg. by adding +something to the email address, eg. in GMail, creating eg. someone+something@gmail.com).
This is also not giving you much additional help with limiting data within database, because you should not display the email address as the username (thus you should not get rid of username field in the database if you still need to identify the user to different users).
Probably only reason to do that is to increase user-friendliness.
Even better than email, when signing in:
There is still something even better than limiting (from username+password to only password) the amount of data user has to rememeber. You can allow this person to use some account that he/she already posseses and uses eg. every day, but you can make it secure. Most popular solutions here are OAuth (see more) and OpenID (see more).
If you are talking about a login form, it would be nice to let the user choose by accepting both. Like:
Username/Email: |________|
Password: |________|
When registering, the user should specify a unique username, whether they be using it or not.
加载中,请稍侯......
精彩评论