JordanRash Posted June 11, 2016 Posted June 11, 2016 Many of our users our confused after registering using facebook, twitter or google. They have to manually say they forgot their password in order to create a password for the site. In addition, we use the forum login to authorize people to log into a software of ours which requires the user to have a password. I think there should be an option to allow a user to set a password when siging up with social media
MADMAN32395 Posted June 11, 2016 Posted June 11, 2016 They could also just go into their account settings and add a password without having to request a password reset.
Colonel_mortis Posted June 11, 2016 Posted June 11, 2016 9 minutes ago, MADMAN32395 said: They could also just go into their account settings and add a password without having to request a password reset. No, they can't. If you registered using social media, the only way to add a local password is using the reset form, for some reason. IPS said they were aware of it when I reported it as a bug but for some reason don't seem to think it's a big issue, despite it not needing much code to implement.
JordanRash Posted June 11, 2016 Author Posted June 11, 2016 5 hours ago, Colonel_mortis said: No, they can't. If you registered using social media, the only way to add a local password is using the reset form, for some reason. IPS said they were aware of it when I reported it as a bug but for some reason don't seem to think it's a big issue, despite it not needing much code to implement. Yeah I didn't think it would be to difficult to implement. They seem to make excuses for all of my suggestions rather than do anything about it.
Aiwa Posted June 12, 2016 Posted June 12, 2016 Just out of curiosity, why would they need a local password when they can log in with the click of the Facebook button? Also, there are some limitations when registering via 3rd party providers., not sure if this is one of them or not. There are stipulations on the workflow when creating accounts via the Facebook login method. For example, you're not allowed to send the user an e-mail to verify their account. The assumption is that Facebook has already done this and you must trust all accounts.
Colonel_mortis Posted June 12, 2016 Posted June 12, 2016 7 hours ago, Aiwa said: Just out of curiosity, why would they need a local password when they can log in with the click of the Facebook button? Also, there are some limitations when registering via 3rd party providers., not sure if this is one of them or not. There are stipulations on the workflow when creating accounts via the Facebook login method. For example, you're not allowed to send the user an e-mail to verify their account. The assumption is that Facebook has already done this and you must trust all accounts. It's perfectly reasonable for the user to want the option of signing in without going through facebook (for instance they are going to log into new devices where they won't have logged into facebook yet), and at the moment you have to jump through hoops. It wouldn't be a password that you have to enter as well as authenticating with Facebook, it would just be a password that you can use instead (as you already get by starting with a password and connecting to the social account).
Joel R Posted June 12, 2016 Posted June 12, 2016 18 hours ago, Aiwa said: Just out of curiosity, why would they need a local password when they can log in with the click of the Facebook button? Also, there are some limitations when registering via 3rd party providers., not sure if this is one of them or not. There are stipulations on the workflow when creating accounts via the Facebook login method. For example, you're not allowed to send the user an e-mail to verify their account. The assumption is that Facebook has already done this and you must trust all accounts. You would think this wouldn't be a problem. And yet ... I can give you a very easy example, which repeatedly occurred on my v3 community. (I've since turned off social media registration since this problem was becoming such a hassle). Many members sign up using a social media account. Life is good. But many months later when they return, they forget that they initially registered through the social media and keep trying to input their username and password. And since there is no local passwordthey, can't login. You would think they would click on forget password. But instead, they email the website because they think it's my fault. It's hardly my fault since I didn't do anything outside of IPS' normal workflow but it is my problem. When users login through a social media account, I think there should be an automatic email. Not for validation, but a registration confirmation clearly showing they used Facebook to login. That helps them remember to use FB in the future. Once a user logs in, they should also be strongly encouraged to set a local password, maybe with an inline notification that only dismissed once the local password is set.
Management Lindy Posted June 13, 2016 Management Posted June 13, 2016 Marking this planned, but do note that it's part of a much bigger login handler change so it's not going to arrive tomorrow by any means.
JordanRash Posted June 13, 2016 Author Posted June 13, 2016 1 hour ago, Lindy said: Marking this planned, but do note that it's part of a much bigger login handler change so it's not going to arrive tomorrow by any means. Many thanks! Keep us posted
Recommended Posts
Archived
This topic is now archived and is closed to further replies.