When you want people to sign up for a free trial of a Web 
application, you want the signup process to be as quick as possible. 
Email address and password (plus password confirmation) seems the be 
the least amount of information.

But, what happens when that user has to recover her password? Because 
the signup didn't ask for any sort of security information, how can 
we verify that it's the right user? We need some other information, 
but that makes signup longer.

This seems trivial (just ask for the customer's first pet's 
elementary school principal's favorite color), but I'm sure the 
Marketing folks will balk when I suggest adding to the nice, short 
signup process.

I thought of the explanation Staples.com gave when they started 
asking for ZIP/Postal codes before showing products: we can serve you 
better if we know where you live, and know what stores and products 
are nearby (or something like that, and they don't seem to do it 
anymore). If we do ask for a security token, explaining the purpose 
might make it seem like a *good* thing to prospective customers.

Any thoughts or experience with this?

thanks				-- hs

. . . . . . . . . . . . . . . . . . . . . .
Hal Shubin
Interaction Design, Inc.
617 489 6595
www.user.com

    --------------------------------------------------------------
    Tip of the Day: Use the archives to research common questions
     CHI-WEB: www.sigchi.org/web POSTINGS: mailto:[log in to unmask]
              MODERATORS: mailto:[log in to unmask]
       SUBSCRIPTION CHANGES & FAQ:  www.sigchi.org/web/faq.html
    --------------------------------------------------------------