I like Jeff Atwood’s blog, but I don’t agree with his posting about removing the “User” field from the dialog box. If you pull the user out of the user/password combination, you have to force unique passwords in your system. That’s a huge hurdle. I know couples where they share the same password for their individual email accounts. Technically, that’s less secure than different passwords for each others account, but it’s easier to manage.
Another problem is that two people could have unique passwords that only differ by a single charactor. If you mistype your password when you login and your password matches the password of another user, then you will login as that user without any warning.
Shouldn’t login dialogs look more like this?
And you know what? He’s right. Your password alone should be enough information for the computer to know who you are.
Click here for the rest of that article
[Via Coding Horror]