Dan Hulton's blog

I am feeling completely uncharitable this evening, so it is time to criticize something that has always upset me. Bullshit, dancing-around-the-issue news writing. Witness, for example, the following article:

Elderly driver dies after car hits house

A woman in her seventies died Wednesday after her car struck a house in the Blossom park neighbourhood.

There is too much of this past-tense, verbs-being-applied-to-impersonal-nouns bullshit in news writing. Nobody ever assigns blame any more. The car struck the house, oil was spilled, a woman died of knife wounds – like its the fault of the inanimate objects in all these cases.

Are news organizations so desperate to cover their asses and not offend anyone that they’ll remove the heart and soul from the interesting news they’re trying to report, and replace it with boring, flat, featureless pap that will neverless get the facts across in the least-suable style possible?

This lady didn’t die because a car hit a house. She died because she had a heart attack while at the wheel, lost control of her automobile, and crashed her car into someone’s home.

When I log in to the Penny Arcade forums or Metafilter, I log in as “Imperfect”. Other places on the internet require me to log in as “Imperfex”, since “Imperfect” was taken before I got there. And when I tried to log in to my banking site, they demanded I use a number in my username, so I’m required to create yet another username. All in all, I have maybe five or six usernames I use with some frequency.

It’s bad enough that I have to remember a dozen passwords to the dozen or so different sites I log into frequently. But to also have to remember which username I used to sign up as well? It gets ridiculous.

Assume I’ve forgotten both the username and password I used to sign up for ZobR – the very latest web-2.0 friend-to-friend notepad-sharing network. With five usernames and twelve passwords, I have up to sixty combinations to try out before I can gain access.

Of course, three tries later, the auto-hacker-prevention technology (“Hacker Safe”, oh jeeze, that’s a laugh) kicks in and locks the account anyway, so I have to use the “forgot your username/password?” link.

This is nonsense. There are precious few circumstances where it makes sense to use a site-specific username as part of the login credentials. You should nearly always use the email address.

Possible objections

Anonymity: Say you want to sign up for a dating site, but don’t want your email address flashed around everywhere. Simple! The email address is only used as the authentication credentials. You pick an anonymous psuedonym once you’ve created your account. This is how dating sites work anyway, although most require you to create a username that is never used for anything except authentication.

Security: Every time you sign into your webmail, you enter in your email address. It’s already out there in the clear, guys. And the idea that your username should be as difficult to guess as your password is nonsense. It’s visible as you type it in. Stop enforcing strictness rules on usernames.

Email address not collected: Most places collect your email address as a matter of course. It makes it a snap to send out a re-authorization link, should you forget your password, or send out service alerts. Sure, if it’s not necessary to collect an email address to log in, then perhaps using a custom username is justified, but you already have to use a field to identify the account for authorization, why not use that field for the email address?

It’s what’s simplest for the user

And that’s what counts, right?