This is the first in a series of tips on enhancing the usability of mobile websites. I'm beginning with user registration and login.
But first a quiz, can you spot three mobile usability problems with the Facebook login screen in the image? The answers are at the bottom of this post.
Most web services require new users to register. This practice has been carried over to the mobile web. Unfortunately registering typically requires quite a bit of typing - something that is much more difficult on the average phone than on a PC. Here are some tips for improving the mobile user experience of a registration based site.
- Provide some content that doesn't require a login to give potential users a feel for what the site is about. For example, if your site is a social network or forum let anyone browse it in read-only mode without logging in. If they like the site, they will be motivated to register and if they don't like it, they will go away before cluttering your database with a profile that will never be used.
- Email addresses make lousy mobile logins. There are generally long and include the "@" sign which requires an extra 7-12 clicks to enter on a phone keypad. Even if you require an email address for verification, let the user select a short alpha or numeric login ID rather than using the email as the login.
- Allow users to register on the mobile site or from a PC if they prefer. Avoid forcing users to register on a PC. When someone discovers your site on the mobile web, you will drive them away for good if they have to remember the url and register when they get to a PC.
- Don't require more registration fields than absolutely necessary. Unless you are offering mobile banking or shopping all you really need is an ID and a password. Let the mobile user sign up by just choosing those two fields. When and if they log into the desktop version your site, you can require them to fill out a full profile.
- Use persistent cookies to keep users logged in across sessions. Most modern phones and networks support cookies but tend to be somewhat fussy about the kinds of cookies they accept. Limit your cookie names and values to alpha-numeric characters and keep them short, ideally under 128 characters. If setting multiple cookies, use a separate set-cookie header for each one rather than concatenating into a single header with " ; ". Some Nokia browsers ignore concatenated cookies. Test your cookies on as many real handsets and networks as possible.
- Use long cookie expirations. Setting cookies to expire in a few days discourages casual users by forcing them to re-login and doesn't really buy much security. If a phone is stolen it will be deactivated before your cookie expires anyway.
These tips primarily apply to mobile sites that let users create and share content - like forums and social networks.
Email and calendar sites, online shopping sites and especially mobile banking need robust and potentially more cumbersome security. But even a banking site shouldn't use an email address as an ID and should offer some mobile content that doesn't require registration like an ATM finder.
I'm always surprised to see how many big name mobile sites are built with really poor usability in areas of registration and login. The currently hot Facebook's mobile site is one of the worst in this regard, with at least three registration related usability issues:
- A PC is required to register.
- Uses email address as the login ID.
- You can't do anything on the mobile site without a login.