Preventing Duplicate Login Records_问答_开发者

开发者 https://www.devze.com 2023-03-30 18:45 出处：网络

We have a a large set of users who use our web application fairly infrequently (i.e. they don\'t visit every day or every week). As a result, they often:

We have a a large set of users who use our web application fairly infrequently (i.e. they don't visit every day or every week). As a result, they often:

forget the password they used
forget which e-mail they used on signup OR
may have actually had their e-mail address change since the last time they signed in

Often, when facing the login signup form, they'll simply create a new login record with a new/different e-mail address.

This is a problem because it's important they stay linked to their previous records, and it can cause problems if there are duplicate records for a single person in the database (note that these are not开发者_运维问答 duplicate records in a database sense; from a data standpoint they're not duplicates at all, but they are duplicates in the sense that they point to a single real human being).

Right now I have a check in place that sees if there is already someone with the last name and first initial, and asks them to confirm if they are or aren't one of these other people. Obviously this is very clunky and falls flat when dealing with very common names. Also, it's confusing to display a page to a user that says, "I think you're actually this other person. Please let me know if you are this person or not."

I'm looking to hear from other developers who have had to deal with this problem, and what they came up with. I'm also interested in solutions that gracefully merge two logins.

You could easily prevent the user from signing up if they entered a duplicate username or e-mail address from what already exists in your database. You could present the user with a page that asks them to recover their password for the existing account. If the user is going to sign up with a different username and e-mail, I'd argue at that point it may be out of your control to stop the user from creating another account (unless you are gathering some sort of unique identifier from the user (e.g. social security number, etc). I wouldn't do any filtering based on name as it's never going to work 100% of the time.

Otherwise maybe a simple UI change could help alleviate the problem as well (e.g. "Returning user? Login"). Make sure the user sees that they can login with their existing account, and on that screen make sure the user can easily see that they can recover their account information if they can't remember it.