All geek questions in one place

Force alpha numeric user IDs

I am a programmer at a financial institution. I was recently told to ensure that all new user IDs have at least one alpha and one numeric. I immediately thought that it was a terrible idea, and I would prefer not to implement it, because I believe that this is an anti-function and a bad user experience. The problem is that I do not have a good case for not complying with this requirement.

Do you think this is a good requirement?

Do you have good reason not to do this?

Do you know of any studies that I could reference.

Edit: this is not regarding password. We already have similar requirements for this, which I am not against.

+3
source share
9 answers

One argument against this is that many usernames / identifiers in other areas do not require numeric components. Most likely, users will be better off remembering the user IDs they used elsewhere, and this is more likely if they should not include numerical values.

In addition, depending on the system, user IDs may work well by default when connected to external systems (ssh behaves this way on unix-like systems). In this case, it is obviously useful to have one identifier that is shared between systems.

, . , - ( , ) . (, , , , , , , , , .)

: , , , , .

+4

, . , .

:

  • , . , , "1" , .
  • , . , . '1' .

, , , .

+4

UserIds? - - , , , . . / , .

+1

, , , , , . , , - , . , ""; - .

+1

: , , , .

, : , , .

- -. , . . , . ( , reset . 7 6 . , .)

+1

, (, , [ ]).

, "", .

0

() , . , , , / , "" .

, , -, ( , !)

0

, ( , ) - , , 8 , ... 0 O, 1 8 B - , , ...

0

. , , . .

. , . , , ( ) , .

, , . . , ( ), , .

:

  • This will make the control route more difficult (serious security risk).
  • This can add value if you later start using one character .
  • This will cause a bad user experience, as users must remember that this application uses a strange username.
0
source

Source: https://habr.com/ru/post/1697169/

More articles:


All Articles