7 Don’t Make Mistakes for Your Application

There is a lot of confusion when it comes to the “social login” button. Sometimes connecting an app to a social network is all that is needed for the product. For example: “Log in with Facebook” to play games with friends; From “Connect to Twitter” to “unfav” all your tweets etc.

On we see a lot of apps that use OAuth to provide these kinds of features. Yet OAuth is often used for authentication (if you’re not familiar with this strange standard, I wrote a tutorial on OAuth, which hasn’t been translated yet, but it will come).

So in terms of authentication, two parties face each other: social login providers who explain that it’s a “must” to “promote conversions”, and outsiders who want to be a little “cool”, and who Says “it’s not worth it”, it’s bad for UX and it’s intrusive.”

The truth is certainly somewhere in between: it all depends on the goal to be achieved. That’s why it’s so important to focus on the facts rather than being deluded by catchy headlines.

The social login landscape is full of pitfalls, so let’s avoid them. Here are 7 mistakes to avoid, 7 lies or over-simplifications we often hear.

1- “The user will no longer need to fill the form”

This statement sounds great in theory, but let’s try to verify with an example. Gigya is a leader in social login management. This is what they sell, so they have to master the topic at the top: no excuses.

They actually offer a nice bunch of social buttons: Over the Top!

social media connections

Let’s try registering with Twitter.

Twitter Authorized

wow they wanna do it right Follow people, edit my profile and post Tweets on my behalf? Why is it like this ? I’m just testing their sales department, it’s not even an app. They scare me a lot.

Let’s try with another, more professional provider: LinkedIn.


Asks “to access my profile and my connections” OK, that’s fine. In this way Gigya will be able to fill the form automatically.


complete profile

Oh no ! Looks like I still have to type in my business name and my email address. Why can’t they get this information from LinkedIn?

Never mind, let’s try… with Facebook. Yes, the form doesn’t load.


Let’s try with another browser.


Missed too. OK I give up. I just wanted to test the flow, but apparently now is not the right time.

The moral of this story ? Well, forms are not always filled with social logins. not at all.

2- “You will have a pre-validated email address”

Whoahoo, excellent: no need to send a confirmation email to click. Then what. When a user has to check their email, and sometimes even dig into their spam mailbox, conversions drop. You know this very well.

But the reality is once again more difficult than it appears. Let’s continue with my Gigya example: even if I had managed to register with Facebook, I would still have had to enter my email address. Indeed, like many people, my email is hidden in my Facebook profile. Yes.

But it gets worse: Let’s take another well-known identity provider. Twitter also won’t return my email: The micro-blogging service never gives access to this information. In order to receive a pre-validated email, you will therefore need to be connected to providers such as Yahoo or Gmail.

3- “Social login increases conversions”

Even though the user still has to fill out inconvenient forms, it is true that the password is no longer required. Great, as it simplifies the registration process. But there is a sacrifice.

Remember that the user will need to click twice: first to open a popup managed by the identity provider, and second to authorize the application. This means that during signup, the person leaves your interface for a few seconds.

Not so terrible, of course, but far from optimal. Let me explain

When recording, you want to get straight to the point and minimize friction. Let’s take an extreme example: the signup form for Stripe.

See? You can even “skip this step” or “skip this step”!


If you select this option, you will be redirected to a dashboard where you can experience the product, and if you wish, a “Save Account” option is available to you. Creating an account is as easy as saving text.


Magic. Icing on the cake: The backup form returns in a hyper-simplified format: email/password, that’s it.

stripe 3

Maybe not every brand can do this. But my goal is just to make it clear that reducing friction is always your number one goal. That’s the crux (having a great product, of course).

Science also confirms this: “Getting a person to agree to a compulsive request to begin with” is a well-known rule of social psychology, called the “foot-in-the-door” technique. goes.

To achieve this, the social login button is an option, but it’s not always the best:

  • Could be lighter than double click with email + password popup;
  • Requesting recordings directly is not always the right solution either.

If you are an online medium, perhaps a Facebook Connect is ideal. But in other cases, there may be better solutions: no one-size-fits-all rule.

4- “will facilitate future connections”

The logic is this: if a user registers with Facebook, he or she will not need to remember the password. The next time he logs in, there will be no “I forgot my password” type of event. Hence, it will boost loyalty and CLV….

The reality is less bright. People sign up for many different services with lots of social media accounts. Any developer will tell you: preventing duplicate users is a nearly impossible puzzle to solve.

A user would register with Twitter, then log back in with Facebook, and there would be no way to cross-check the two identities as one and the same.

Maybe a cookie can help pin down the right buttons, but we live in a multi-media mode: phone, tablet, PC… there’s no perfect solution.

The more different social login buttons you provide, the more confusion you create.

5- “Users can thus control their data”

Social logins always depend on user permissions. It is considered amazing. This way, third party apps are not able to access anything and everything.

The concept was recently taken a step further, with Facebook announcing its “anonymous login” (by the way, do you know anyone who has actually used the feature?).

But then we forget that privacy is asymmetric. People forget that it’s only effective on one side: Identity providers (like Facebook) know which apps are being consumed, by whom, and how.

Either way, it doesn’t directly affect you as an app developer. While this may be an ethical question, it is not a problem for an identity provider to know your users. Stop. Unless this supplier is definitely your competitor… oops.

6- “Social logins are the source of a NASCAR effect”

Here’s one of the points put forward by Mailchimp CEO Ben Chestnut: He called for removing social logins from his interface, because of the impact it could have on brand image. As we have seen, registration is an important stage of the customer journey. So would that be right?

Put logo on Facebook, Twitter, Google+ etc. On your site, converting your own product to Nascar would be the equivalent of:


Dilute the brand by displaying third-party logos can distract the attention of your target audience and reduce your impact. When you look at how Mailchimp handles its signups, it’s true that including a Facebook button can disrupt the experience:


Beautiful composition. We shouldn’t spoil everything. But let’s look at another case.

see below? Do you really think the “Signup with Google” button is breaching the Trello branding?


Answer: From my point of view, no. That’s why Mr. Melchimp is doing too much.

And I’d prefer to register with Google a thousand times, rather than creating an arbitrary new username that I have to remember every time I come back.

Also, Mailchimp boggles my mind: why can’t I provide a simple email address as an identifier? Why do I have to invent yet another username?

They would think that this is going to create an atmosphere and a special relationship with the brand, but it is really annoying. I’ve checked with a few people around me, and I’m not the only one who always forgets about that damn username.

Social buttons don’t necessarily turn your website into a “nascar.” Let’s continue with the last myth spread by our friends at Mailchimp.

7- “Social login buttons are not worth it”

Haha, you might have recognized the title of a famous Mailchimp blog post. However, this is only a “linkbait”, which led to long lines of comments in 2012. When you read their text for real, you realize that it is nothing more than a headline to click on. ,

Basically, you learn only one thing: there’s a 66% reduction in login errors, and a 42% reduction in password resets, thanks to better informative messages for the user/password fields. Very interesting indeed, but it has nothing to do with the teaser title, which still spreads a myth about social logins.

And so my conclusion will be: it is impossible to make a general rule regarding buttons for social logins. To say that it is necessary, or that it is unnecessary, is kind of dumb here.

This deviates from the real issues, which should be addressed by the application developer, product manager and UX specialist.

Of course, relying on a third party for authentication is not a good idea. However, participating in the creation of new usernames or passwords is also very bad for the Internet.

Remember to always build your strategy based on your product, don’t listen to what others are trying to give one-sided directions.

Recent Articles

Related Stories

Leave A Reply

Please enter your comment!
Please enter your name here

Stay on op - Ge the daily news in your inbox