Get Rid of Administration Module

Kishore C.S. (June 2001)

Each software application needs User Administration: Create users, edit users, delete/disable users. The same applies to web applications where it is more user driven. Most web sites require you to register your name. It becomes a tedious job for users to remember users, passwords for so many applications and websites. It becomes a de-motivating factor if registration procedure is not easy to use and easy to remember.

I attended Devdays 99: a Microsoft sponsored event couple of years back.  There the attempt to minimize administration overheads in Windows 2000 was discussed. Why recreate users if you can do integrated logins? The fact that user has logged into a workstation means that he is already an authenticated user. If you application needs authentication use the same login. This is called Integrated Security in Microsoft applications.

If your windows login and e-mail id login are same, you will be logged in automatically without prompt for login. I like this feature a lot. For every new application we build we need not create a new Administration Module. There should be simple ways by which user can provide any of his existing valid identity and login.

Each Administration Module developed will have same needs of ensuring uniqueness of user ids. Ensure user id can be remembered etc. When a user id preferred by user clashes it existing user id, one is forced to create and remember another user id other than preferred user id. So many administration modules floating it can be a pain doing administration and also to users to request access again and again. 

The same design principle applies for internet applications also. This good design practice needs to be adopted by new application designers.

Ways of eliminating administration modules and improving usability

1. Use user e-mail address as Login Id. Since e-mail id would be unique and easy to remember, users will be glad to use e-mail id as user id

2. Use Account number as user id. Business organizations likes banks can use any of the unique id's assigned to customers as login to their web applications e.g. Account Number/ATM Card Number/Credit Card Number. A Library can provide Library account number as online user id.

3. Applications designed and deployed in US can use SSN (Social Security Number) itself has userid.

4. Single userid for multiple applications. Large sites like Yahoo and Microsoft use same id across sites. Once you create a yahoo id you can use the same id for host of services from Yahoo like Yahoo Groups, Yahoo Finance etc. I have seen even Microsoft website using this where a hotmail e-mail id can be used to reigster with Microsoft Newsletters.

Some of the Microsoft products where I have used Integrated Security and found productive are:

1. Visual Sourcesafe

2. Microsoft Project Central

3. Microsoft Outlook 2000

Some of the examples Websites I have seen with reuse of existing accounts without the need to create a new user id are:

1. Bank uses ATM Card number for account access over web

2. Library uses Account Number for Account access

3. Insurance Company uses policy number for account access

4. Access to Mailing Lists is through e-mail address

5. Utility Company provides access through account number

6. Phone company provides access through phone number

Advantages

This approach has advantages for both users as well as Application developers

- Reduced code for developers

- Easy to remember and use administration features for users.

- Enhanced productivity through elimination of multiple logins

- Reduced administration activities for IS Administrators

Summary

Elimination of Administration Overheads improves productivity of users and I do hope newer applications will use this good "design practice". The title Get Rid of Administration Module was to get attention, but I do not mean, we could do away with lot of things, but make the administration module much more easier to accept if what I discussed is followed. I don’t claim that this is my idea, but it is an idea I picked and I feel this design should be implemented by developers while designing new applications.