Before designing the sign up flow for an app I'm building, I decided to do a little research. My objective is to reduce the friction during the sign up process, and ultimately convert customers.

The traditional sign up process requires an email address, a password, and a password confirmation. Occasionally, a username is also requested.

This sign up process is flawed. It assumes that the password is the most valuable piece of information on the form.

Worst case scenario, if the customer incorrectly enters their password, they would have to proceed with the forgot password flow. Of course you want customers to have a pleasant experience with your app, but is that extra field (current cost) worth the time savings in the long run (future gain)? How many potential customers left the form prematurely? How many customers benefited from the time savings compared to how many entered the password correctly in the first field?

Email Is King

If engagement halts, email is our only way to persuade them to return. If we have special offers, email is our only way to persuade them to purchase. If it isn't clear yet, email is the most valuable field in the form. It is our only direct communication channel with the customer.

Worst case scenario, if the customer incorrectly enters their email, they are unable to access their account. Timeout. This is orders of magnitude worse than incorrectly entering their password. To rectify the situation, the customer can contact customer service or create a new account with the correct email, but this isn't minimizing friction.

First Impressions Matter

In the first scenario, the customer incorrectly enters their password and as a result must proceed with the forgot password flow. Clearly, the customer is at fault for forgetting the password.

In the second scenario, the customer incorrectly enters their email address and as a result can't access their account. While the customer is at fault, it would appear that the app is to blame. It portrays a negative image that the app is poorly engineered, and not trustworthy.

What are the big boys doing?

Facebook and Amazon both require email confirmation. Twitter and GitHub take a different approach: both require a username upon sign up, which can be used as an alternative to the email when logging in.

There is no silver bullet. Obtaining the correct information is important, but too many fields on sign up forms scare customers away. The takeaway is that email confirmation is more impactful than password confirmation.