Tips on sign-in form
Users are not usually fond of filling forms. When they have bad experience with the login system of a website, they tend to avoid the latter afterwards. To keep users coming to your site again, some good practices to keep in mind:
- Use federated login when possible
- Avoid having confirm email for example
- Recommend using password management when possible or at least hint chosing passwords without meaning and warn about password being pwned
- Multi factor authentication
- Avoid having user change password regularly. Studies show that it is not more robust
- Gather data analytics to improve user experience (for example how many times the
forgot passwordlink has been clicked)
An article on form best practices can be found here.
A video link during the Chrome Dev Summit 2020.