One less field you need to ask new users to fill in when registering
One less thing for users to remember – and there is no secure way to retrieve forgotten Usernames. Lookatme has a Password Reset which requires users to enter their email address, but there is no Username retrieval. We cannot allow users to recover a forgotten Username without sending it through email, which is insecure, or by allowing people to log in with an email address to recover the Username. If we allow users to log in with email address to recover a Username, then Username login becomes redundant.
An email address will always be unique per user, Usernames are commonly not unique, such as “Marketing”. Forcing users to select a unique username such as Marketing237 would cause annoyance in your users.
When people move to a new company and get a new email address, they have to register again, which is correct procedure. With tens of thousands of users already registered under their email, only two users have reported this to be a problem. We will monitor the feedback to see if we have to design a solution for this issue
Users cannot be confused as to which username to use.
Why did Lookatme adopt email as username?
For a better User experience: Many gratuitous Help desk enquiries are caused by non-unique Usernames and double registrations. For example people often log in as Username A and order, then log in as Username B and get confused because it looks like their order has disappeared. Or one account can be active and the other account expired and the User cannot figure out why their access is blocked. The previous method frustrated Users and added to support costs.
In the long term Password Reset can only work securely for an email addresses login, because an email address is certain to be unique. Users with more than one Username account can only reset the password on the first account, not the other accounts.
Free-text Usernames are incompatible with the Lookatme multilingual module. Email addresses will always work because they only use alphanumeric characters.
The ‘Email as Username’ protocol will allow Lookatme to leverage emerging options for single sign-on. Soon your users will be expecting to login to your Lookatme site with a company account, government account, Google account, OpenID or other global sign-on initiative using OAuth. This is only achievable securely if we make this change.
Lookatme offers SAML 2.0 single sign on option for clients with Microsoft 365 and Azure ADFS 2.0. These rely on a unique identifier which is the email address of the user.
But what if I want to test different scenarios as different Users?
In Lookatme, ‘Log in as this user’ also allows you to emulate the User experience of test Users accounts.