Thursday, April 26, 2007

Outrageous forms

Ever go to one of those sites for a "free" article and then get hit with an unbelievably long form where all of the fields are required? Obviously some marketing hack who figures this is a great time to fill their database with all kinds of wonderful information that they can them mine for gold.

Well, the same thing can also happen with companies that you already have a relationship with or with signups for fee events. And this can be exacerbated with poor website design and sluggish response.

I recently had one of those situations when attempting to send a question to Cingular about my online account. I wanted to know why my online bill had not yet been posted for the current month. So I figured I'd send them a message. They very conveniently had a link on their site to "Email us your billing questions". I thought this would be the quickest and easiest way to communicate with them... boy was I wrong!

It's a 3-step process (they say). Step 1 is a confirmation of your basic account information: no problem there. My difficulties started in Step 2, where they want to know what my problem is about.

Well... this looks like a 3-step process in and of itself, and it's only Step 2. Worse than that, there is obviously a round-trip to the server to display this information and it took 15-30 seconds to update the page after each selection. And the final item ("Sub-topic 2") simply returned a "There are no options for this Sub-topic" -- at least they told me before I had to wait for that item. But still, totally unacceptable!

Once you get past this page (if you get past it... I was beyond the point of trying to communicate with Cingular: now I wanted to see how bad this could be). I expected it to get worse, and I was right! Here's Step 3 of the dialogue. Notice that there are two images here: the list of questions (all required) that they ask you for can't be displayed on a single page!

The list of questions is unbelievably long and they are all required! I even have to enter (HAVE TO!) enter my current snail mail address before I can submit a help request... how bad can you get?

I guess they don't really want to get questions -- they just make it too hard to submit them!

Suggestions to Cingular: (1) Get some faster servers; (2) Read "Don't Make Me Think" (Krug); (3) Have real people check out your designs before inflicting them on your poor users.

Thursday, April 12, 2007

Passwords & misinformation...

I continue to be amazed at the number of ways that people can botch signups for online services, and Dr. Dobb's Life 2.0 conference just reminded me of that.

You go to their site to register for this free conference, and you have to give them a password. The first question is "Why?" There's certainly nothing private about registering for a conference that I can see, but what the heck, I'll give them my password.

The instructions clearly say:


so I carefully type in my usual "non-secure" password which has a special character included (old habit of putting in something a little less guessable, and the one I commonly use for these kinds of "Who cares?" registrations) and attempt to move on.

Up comes a dialogue box that says "Blah!"

yep, you read that right: "Blah!"

Hardly what I'd call a user-friendly response to a perfectly reasonable password that has been accepted by maybe 95% of the websites that I visit. After I click "OK" on this message (not what I would really like to tell them, but that's my only choice), they finally display "Password invalid! Please re-enter".

Notice that they don't tell me what's wrong with my perfectly valid password... just that it's wrong and I should try again.

(Un)Fortunately, I've learned that some sites -- like Dr. Dobb's site -- just don't get it when it comes to passwords. They:
  1. Don't give you good instructions on how to enter your password.
  2. Make poor decisions about what is an "acceptable" character in a password.
  3. Don't give you good instructions when things don't work as expected.
What's ironic and a little said is that their "minimum 6 characters" is almost certainly based on the idea that longer passwords are harder to guess. That may or may not be the case, but not allowing special characters makes them easier to guess.

And just why is a special character (a few sites have only a few special characters that they don't allow... go figure!) not allowed anyway? It's not like a password is going to be 'executed' and thus open the door for some kind of hack... that is true isn't it Dr. Dobbs?

Too bad... it shouldn't be this difficult!