Usernames for most websites are based on UNIX conventions/standards. They are lowercase, usually begin with letters, and have no whitespace. Many sites offer a “display name” which is more flexible.

While discussing requirements for a new project, my first inclination was to do something similar, simply because “that’s how it’s done”, but someone suggested this method might be antiquated. After giving it a few days of thought, I tend to agree. “Old” user domains like AOL, Windows, and Slashdot have logins that have allowed spaces for years, yet most of even the latest, shiniest Web 2.0 sites go back to the 1970s for their guidelines.

We’ve even taken it a little further and not only can users use spaces, underscores, and dashes, these characters are ignored for purposes of uniqueness, because I’m guessing people’s brains will tend to stem these characters when it comes to memorizing them. So “Eric Savage” and “ericsavage” and “Eric_Savage” and even something like “Eri__c-SAVA g-_E” would all be the same.

When appearing in a URL or other machine-readable context, these characters are all changed to underscore and consecutive duplicates are eliminated, so the previous username would be “eric_savage”. Also, leading and trailing non-alphanumerics are stripped, otherwise we’d likely find users all naming themselves __alphadog so they appear first alphabetically. We could expand the list of which extra characters are allowed, but we’ll start off easy.


    Can anyone think of good reasons for why you should stick to UNIX-style usernames?
  • Should users on a community site be able to change usernames? [I’m currently in the “no” camp]
  • If changeable, should the change history be public?
  • Most people like short usernames, some people prefer long ones. What do you think should be the limit? [I’m currently thinking 20]
  • Is a short limit too ethnocentric?
  • I largely agree with you, the username restrictions are mostly outdated. Although my preference is to not even have a username, but use another identifier that the user already has, such as his/her email address or OpenID. That way they don’t need to remember something else at all.

    But if you do have usernames, I agree with your design, I think it’s cool and valuable at the same time. The only reason I can think to stick with more limited user names is for integration with third party systems, e.g. LDAP diretories on your back-end or what not.

  • esavage

    I think logging in by email is desirable, in fact I think you should be able to associate multiple email addresses and log in as any one of them. However, people do change their email, and putting emails on a site is a good way to make them change it sooner due to spam. Some kind of name/username/”display name” is important when you have user content on a site.

    I haven’t yet used OpenID, because I didn’t put much stock in a platform that intends to be universal when they didn’t even have a usable Java client/library. Looking at their list ( it seems there are some new entries that are worth exploring. However, like email, an OpenID url isn’t going to look very personal. I’m not sure that I’d want to see my OpenID publicly displayed, but that might be an unnecessary concern, as I haven’t given that much thought.