
Surprise: People hate being forced to use Facebook - cookingrobot
http://dailycred.tumblr.com/post/30602034530/surprise-people-hate-being-forced-to-use-facebook
======
ChrisNorstrom
This just further proves how disconnected Mark & Friends are from the real
world.

In real life, people talk very differently when they're:

\- around their friends

\- with their family

\- with their lover

\- in public

\- at work

\- online

So this "one identity" + "real name policy" + "privacy is dead" nonsense is
just disheartening. There will always be a need for humans to keep secrets, to
have separate identities, to keep the people in their lives separate, and the
topics they talk about separate. "Sign in with facebook" just breaks all those
rules.

Not everyone shits and showers with the bathroom door open.

~~~
pitchups
I agree. The need to share and talk differently with different people, is
precisely the problem that Google tried to solve with their concept of circles
in Google+. However, the fact that they also required real names and a single
identity, makes it a partial and therefore ineffective solution.

~~~
winter_blue
One serious problem with the way Google+ does circles is that once you post
something, you _cannot_ change whom you've shared it with.

~~~
yuhong
Well, keep in mind that the people you already shared the post with can always
save it locally.

------
patio11
They'd get more signups (and more of them would be for traditional accounts)
if they did some fairly trivial work to make the sign up process sound like it
actually created customer value.

Here's their home page: <http://www.shopobot.com/>

The button to show that modal window is "JOIN NOW" with microcopy "It's free."
That microcopy is the best part of the whole experience.

Clicking the JOIN NOW button brings up the modal window:

"Welcome! How would you like to sign up?"

Absolutely nothing here promises _benefits to the customers_. Consider
something like:

Button: "Start Saving Money!"

"Save money when stores change prices. How should we tell you?"

[Login with Facebook] or [Get an email]

microcopy: "We never post to Facebook. Shopobot is totally free. You can stop
getting email at any time."

Clicking "Get an email" would bring you to the signup form, currently a
DailyCred interstitial, which is (at present) an experience which will not
maximize conversion rates, to put it lightly.

[https://www.dailycred.com/oauth/authorize?client_id=ceb6f715...](https://www.dailycred.com/oauth/authorize?client_id=ceb6f715-2eb5-437c-8e31-0867f826ded4)
<\-- don't worry, I won't use that client ID, feel free to click it

That page should:

1) Remind people why they want to sign up for Shopobot

2) Have button copy which suggests value, rather than "Sign Up". Ideally, it
should have copy which recalls the scent of the interaction on their page.

3) Continue providing risk-reducers like "free", "we won't spam you", etc.

If you're wondering whether to use DailyCred or roll your own login system, by
the way... how much is 20 ~ 40% more users worth to you? Enough to justify the
whole hour it will take to roll a login system? Good, thought so. (+)

(+ I'm sort of intrigued by the parts of their offering which do not actually
sign up users and log them in. However, it strikes me that bundling them with
logins is an exceptionally bad idea, and as you need them you can either
implement them ala carte or plug in a provider who would let you keep control
over the most important 30 seconds of a customer's relationship with you.)

~~~
cookingrobot
Thanks for that feedback, that's great advice for how to polish the language
and call to action. With DailyCred you do have flexibility to make custom
signup UI like you describe using the rest api[1], so you can bake it right
into your experience. The interstitial login screen is for people who want to
get set up instantly. The rest api supports all of our features, including
email validation, SSL, password resets, etc. Both options are a big win over
only offering Facebook signup. [1] [<https://www.dailycred.com/api/rest>]

------
ams6110
If your only login option is Facebook, I won't use your service. Full stop. I
don't have a Facebook account, and I certainly won't get one to be able to log
in somewhere _else._

~~~
awj
I do have a Facebook account, and I have basically the same policy.

Facebook is for me to chat with friends and all of us to post photos we may or
may not regret when we sober up. I neither need nor want to tie any more of my
life to it.

------
guelo
Facebook has done a great job of ruining their app ecosystem. Many users are
trained through embarrassing spam incidents to never trust Facebook apps.

~~~
TillE
Is there even an option for developers to use where you can use Facebook
_just_ for login, without requesting any additional permissions? That would be
acceptable.

This is why I still like OpenID (eg, log in with your Google account). I know
they get nothing but my name and email address, they can't touch my account at
all, and nothing is public.

~~~
zevyoura
From Facebook's documentation:

"When a user auths your app and you request no additional permissions, your
application will have access to only the user's basic information. By default,
this includes certain properties of the User object such as id, name, picture,
gender, and their locale. Certain connections of the User object such as the
Friends connection are also available. If the user has made more of their data
public, more information will be available."

Source:
[http://developers.facebook.com/docs/authentication/permissio...](http://developers.facebook.com/docs/authentication/permissions/#basic_info)

------
viraptor
Unfortunately some companies are in bed with Facebook and it seems it gives
them more than the additional users.

For example Spotify - still allows only Facebook signups. The first quote on
signup page is of course <<"Spotify is so good" - Mark Zuckerberg, co-founder
of Facebook>>. I'm definitely one who spent additional time to look for an
alternative.

Edit: As parbo noticed, they actually do allow email+password signups again. I
completely missed the link when checking.

~~~
parbo
Actually, it is now possible to sign up with only email. Not sure if it
applies to all markets, but in the US you can.

~~~
viraptor
Wow, they don't want people to spot that, do they :) I went to the signup page
to verify before I posted my comment and completely missed the link, even
though I was looking for it. I really appreciate them doing that - will check
out their library today.

Edit: Or not. They seem to know my city better than me since my postcode is
both required and invalid...

~~~
parbo
What's your city and postcode? I can forward it to the devs responsible for
the signup page.

~~~
viraptor
Any postcode with letters fails apparently. This doesn't work for UK where
letters are in all postcodes. "1" got accepted though.

------
hartleybrody
Whenever I used to demo one of my old projects, the immediate feedback I'd get
from most "advisors" was something along the lines of, "oh, you don't offer
Facebook signup. Why not?"

I think the underlying assumption was that using Facebook login would make it
easier to make the site "go viral" because we could more easily spam our
user's networks.

I always cringed at this idea from my own personal experience, and from
anecdotal evidence from my friends.

I'm very excited that someone finally backed this up with data.

~~~
aristidb
But they're not saying that offering Facebook logins is bad. Just that
_forcing_ people to log in with Facebook and not offering an alternative is.

~~~
davewasthere
And at least by offering it, you'd get metrics on how many people use it. Like
Patrick said, it's the most important 30 seconds of your relationship with the
customer. It's worth trying whatever you can do to improve that signup
process.

------
radarsat1
So, I understand that Facebook et al are more popular options, but I am
noticing that OpenID in particular is really losing momentum. Personally I
really liked the idea of OpenID, so I'm just wondering, from the point of view
of web developers, what is it about OpenID that makes you not want to use it?
Or is it just that Facebook is overwhelmingly more popular as a login method
so it's not worth it?

~~~
Kilimanjaro
...and sadly BrowserID never took off.

~~~
callahad
Huh? Our first beta release is scheduled for ~2 weeks from now, and the entire
idea is barely a year old. We're still quite alive and well -- come join us on
GitHub (mozilla/browserid) or IRC (irc.mozilla.org/identity)! :)

Plus, Mozilla is dog-fooding Persona all over the place[1], so we're
personally invested in getting this thing right and keeping it working.

[1]: Bugzilla, MDN, Etherpad, Mozillians, Metrics, Popcorn, OpenBadges,
Marketplace, Add-on Builder, Flicks, and Affiliates all use Persona, with more
to come.

------
fotoblur
At my current job all the project managers think our users are so promiscuous
with their online activities that they'll use services like Facebook for just
about anything (Events, RSVP, etc).

However, from talking directly with some of our user's most of them are
telling me they avoid these features because they don't understand what the
long term effects might be. Apps who have abused Facebook and stories about
potential privacy concerns in the media have left a bad impression on them
regardless of what Facebook has done to 'fix' the problem.

------
lwhalen
Yes, this. A thousand times, this. Personal case in point - earbits.com.
Freaking LOVE their service. I used to use their 'don't need an account'
option almost daily to stream awesome new music, and I would've LOVED to
create an account just to save my settings. I tried to use their Android app,
and what am I presented with immediately on install? "Sign in with Facebook!"
Insta-delete. I've gone to Pandora, and even though I don't get the 'new'
music I'd prefer, I still pay Pandora their $30 or whatever for a similar ad-
free experience.

Earbits, if you read this - PLEASE ditch the Facebook-only option. I would pay
you $45 a year (50% more than what I pay Pandora) for your service, but I
absolutely loathe anything having to do with Facebook, and I cannot continue
to use your service if you insist on requiring them.

<3, \--Me

------
cookingrobot
If you're adding user accounts, there's really no excuse not to include an
email & password signup option. You can alienate a lot of potential users if
you require Facebook connect and don't give the option.

~~~
malsme
Also, you're allowing yourself to become exclusively dependent on another
company's platform.

~~~
potatolicious
I've always wondered why more websites/apps didn't have their own user
database, with Facebook credentials as merely a _link_ to an underlying record
that the website actually owns.

This way if you one day want to run far, far away from the FB monster you're
already set - the behavior of your app doesn't break horrifically, and you can
devise a seamless/pain-free transition for FB-authenticated users to create a
password.

~~~
callahad
> _I've always wondered why more websites/apps didn't have their own user
> database_

Because your password database is a liability. And it's a huge pain in the ass
to store securely. And a breach at another site can harm your users if they
re-used their password. And there's a huge amount of friction when you ask
users to create and manage yet another password.

Seriously, traditional login systems suck. They're great for privacy and
maintaining direct control over your user data, but they're a huge pain.

I don't want to shill, but Mozilla _is_ aiming to address the bulk of this
with Persona (<https://developer.mozilla.org/en-US/docs/Persona>), which will
have an api-stable "beta" release in about two weeks. However, it works right
now and has been deployed on sites like <https://voo.st/> as an alternative to
forced-social login.

~~~
grey-area
_Because your password database is a liability._

Arguably it's a greater liability for a business to be dependent on a third
party for a connection with their users. It means they lose important user
data like email (they have to ask for it usually), they're tied to that
provider, and their website breaks for those users if that third party service
goes down or is unreliable.

If you store your passwords securely you can't leak them, only a hash, but I
agree it's a pain for users to manage multiple passwords/identities and can
lead to too much password sharing.

Persona looks far more interesting than social login as it addresses the issue
with who owns controls user data/logins and does not have a single point of
failure, plus it provides the email.

------
aretiste
"Dumb fucks" - Mark Zuckerberg on Facebook users

You can trust Facebook. Why wouldn't you? Facebook is lovely.

~~~
bicknergseng
Heard similar language from Google... and Apple... and MS... and ...

The idea that you should or shouldn't "trust" a company...

~~~
aretiste
It's just unusual if you think about it. It helps to have been alive in a time
before the web was significant. Think of all the companies you give personal
information to. Think of how much information you actually give them. Think
about what they are permitted to do with that information.

Then think about sending a list of all your friends, family, colleagues, your
personal thoughts and commnications on personal matters, to a random,
characteristically anti-social CS major you've never met. It's just plain
weird. And Zuckerberg was absolutely right in what he said: we're dumb to do
it. The problem is this didn't phase him one bit. He went right ahead as if it
was all going to be OK. And we just kept sending him more and more info.

Granted, Facebook calls itself a company, and the situation has grown quite
large and complex, but I still think of Facebook as one CS student's website.
It is what it is.

You send your personal info, in some cases more personal info than you would
give your personal banker, your doctor, or your lawyer, through the web to
total strangers, many of them are anti-social kids like Zuckerberg, to be
posted on his website.

It's a disaster waiting to happen.

~~~
bicknergseng
Maybe it's because I've grown up with fairly ubiquitous internet, but I've
never expected anything I put on the internet to be private. Furthermore, I've
never expected anything done in public to be private. I have a hard time
understanding why people expect otherwise on both.

------
sonyasonya
Facebook isn't as interesting anymore. I think the new trend is more
privacy/less sharing.

~~~
chris_wot
Since when has that been a "new trend"?

------
jonchang
People also hate having to create a new username/password combination for
every single web service they want to try.

~~~
lachenmayer
I'd say most people have one username/password combination they use for every
service. On mobile devices, having to sign up with an email and password is a
bit of a hassle, and Facebook/Twitter login makes more sense.

~~~
adgar
Anecdata point (new favorite word) from someone who in theory should "know
better": I have my corporate password, a bank password, personal email
password, and one I've been using literally 80% of my life for all the other
sites. It's got a Couple variations to get around silly restrictions. In its
base form, it's a 6 letter dictionary word. Why? I don't care! I don't want to
devote any more energy to the problem than strictly necessary and those sites
aren't getting any data I care much about.

PS: 2 factor for corporate account and personal email

------
mark_l_watson
Pardon an obvious comment but some developers using Facebook and Twitter for
login don't get this: when you are only using FB and T for login then don't
write your app to request any access rights at all to a user's FB and T data.

For example, why have your app request the access rights to post to a user's T
stream?

------
progrock
As an end user, I just don't end up knowing quite how my privacy is impacted
when signing in through a third party site.

I signed up to a site only yesterday that gave me the option of signing in (or
was that signing up - I haven't a clue...) with a yahoo account or a Facebook
account, or an email address and password. I thought what the heck I'll sign
in with my yahoo credentials. I then went back to Yahoo - and it gave me some
message about authorisation and data sharing. What data is shared? Who knows.
I didn't want anything shared, other than perhaps my email address. But why
not explicitly say that?

So for me it's just a case of pure confusion, and the worry and fear that I've
shared something that I didn't want to with another application - for example
I wouldn't want to share my address book.

Another service I know of demands a Twitter login, as a result I don't use it.
Which is annoying as I do want to use it. I can't be bothered to set up
alternative Twitter accounts just for this purpose.

I guess that if I don't get it - and I have a technical background - then what
hope does anyone else have? Or do punters just go about and blindly trust
services with their data?

------
nchuhoai
I think, as always, generic statements can't be made. And one example
shouldn't necessary serve as a general example. The willingness of a user to
use Facebook as a login identity is influenced by:

1\. the trustworthiness/brand recognition of the service 2\. expected behavior
of the service with the data

In this case, it seems to me as if there is no value a user would get from
signing up with facebook besides the convenience. Furthermore, being an
e-commerce service, I would actually say offering Facebook login is counter-
productive because it may be perceived as a commercial use of your data (I
know its irrelevant, but you would be surprised how often I have heard this)

Also one should note that the averaging 30% really isnt that bad. 50% would
mean its completely random, meaning there wouldn't be a preference either way.
I wouldn't say people hate being forced at all.

For obvious reasons, this post is biased towards selling their service.

------
Zenst
I have no problem with sign in by facebook and promotions, as long as I'm
given the choice or ways of logging in be that google, msn, and few others and
or a local account option. When I'm not I don't use that product as I dont
want a facebook account, my choice and any situation were I'm forced to I walk
away. My choice.

I can undestand why so many do it, they have IT on the cheap and instead of
doing a local login option you pick facebook and leave all authentication down
to them and there API's. But that's there choice.

Eventualy some law will pass forceing companies to allow the user to pick
which social login persona they wish to use and that will be that, repeat of
the whole unbundle IE affair remixed for today playing out with social media
login's. We shall see, but until then everybody has a choice they just need to
execute it more often than they do.

------
mijail
Not all "people" are your customers. The study lends nicely to customer
segmentation. Tech-savvy customers are comfortable using it.

If you can accurately define who your customer is then you can tailor your
user experience to fit them best.

Studies show the people that use Facebook Connect have a higher LTV and show
higher engagement.

~~~
mtr
Do you have any links to these studies?

We're building a site that relies on network effects and are considering
offering only Facebook authentication, with perhaps other signups available in
the future. Anyone have any good case studies on startups that went this
route?

~~~
mijail
<http://goo.gl/a3nnd> this is one. I remember there was a big chat about this
on quora.

------
rschroed
We've found similar results during user testing recently.
[http://fellswoop.com/blog/is-user-trust-in-facebook-
declinin...](http://fellswoop.com/blog/is-user-trust-in-facebook-declining/)

------
justinchen
I ran a quick poll on PickFu and got a pretty split response across t0 50
responders.

<http://www.pickfu.com/B7VOBA>

------
salman89
I don't hate having a single sign on option, but I hate not having more
control what data is available to the app.

------
leke
Their survey result gave me an idea for a user to give their own opinion and
have those opinions to appear as choices for other users. Every opinion would
have a tally and be ordered in popularity. The top 5 opinions would appear
with an option to display more if desired.

------
samvj
I'm not really convinced that you can make a reasonable conclusion on this
based on 34 data points.

~~~
cookingrobot
The in-person survey part is good because you can get qualitative sentiment.
It's good to talk to customers, even for this soft data. The quantitative data
comes from watching how people behave over time. The bottom of the post shows
the graphs of how users actually sign up, and that has 10s of thousands of
data points.

------
nyg_hakeem
Seattle’s Pike Place is not a good place to ask such questions. If they want
REAL answers, ask on these websites with facebook signup options.

I don't understand why people hate this option. If you don't like it then
leave it, but it does help people like my friends and I.

------
mvanveen
Given the overwhelming sample size of 37, I think we can all agree that this
is statistically significant information which one should base big platform
decisions on.

~~~
nostromo
You might have missed the second half of the post:

> This is a better test, because the signup screen offers both options with
> equal weight and we have over 70,000 organic signups.

~~~
bicknergseng
Still wasted the first half of the article talking about the results of a 37
person survey. 37 people with no demographics info at all is so anecdotal that
it's effectively worthless.

As far as the second test goes, of course the general trend will be younger
people who actually use Facebook will not mind... using Facebook.

~~~
mrgreenfur
I don't think that's true at all. Useability guru and generally big-headed man
Jakob Neilson says you can get the majority of content from user testing as
few as 5 people. Granted this isn't user testing, but small sample sizes are
not pointless, they're directional.

------
chris_wot
Yeah, no bias there at _all_.

------
dustingetz
has anyone played words with friends? all the cool kids log in with facebook.
that way you can send game requests to girls and stuff.

people login with facebook when they want the experience to be social.

------
delucain
This is the only reason I don't pay for a Spotify account.

------
pvdm
Not a surprise. I don't use facebook any more.

------
codyromano
This article raises interesting points about Facebook signups, but the
statistics are meaningless because fewer than 50 users were surveyed.

~~~
glesica
So you're saying you didn't actually read the entire article... The data in
the last 75% of the article were based on 70,000 organic signups split by
beta/post-beta users.

------
codyromano
This article raises intriguing points about Facebook signups, but the
statistics are meaningless because fewer than 50 users were surveyed.

------
unkoman
I just have a fake account for that.

------
raam86
Weird you didn't link to shopbot

------
sleepyhead
Based on a survey of 34 people.

------
fossuser
This statement can hardly be made with the numbers that participated in this.

In addition the article isn't very good and the No - Spam option speaks more
to users being wary of the application than facebook.

This doesn't seem like the typical quality of article usually voted up on HN -
I'd guess people just voted it up from the link title without reading (since
people love to hate facebook).

~~~
cookingrobot
The inspiration for the survey came from the numbers we were seeing on our
site (across 10's of thousands of signups). There was a clear preference for
signing up with email vs facebook.

The in person survey is too small to provide meaningful numbers, but it was
useful to hear real people's feedback and sentiment.

I agree that it seems weird that people would rather give their email than
facebook because they "don't want spam". But that's really what they said, so
that's not speculation about their reasons. And again, the survey was asking
people about their experience and feelings about sites they've signed up for,
not just about our site.

~~~
michaelbuckbee
I think the difference might be from the social stakes involved, if an app
spams your friends then you publicly look bad, if you get a spam email nobody
knows but you.

