Check or not check - that is the question
A lot of copies are broken in the question of how to check the email address (for example, habrahabr.ru/post/175329 ), but let me give you some statistics from a real project.
Many will want to ask why we collected it.
The problem is common prosaic : at some point after the release, the project analyst unloaded the statistics on the use of the service and realized that she was lying. And she lies because there are test users there, incl. for load testing. And as it turned out, not all developers / testers used the correct mask for test emails. Therefore, the main task was to mark supposedly test emails, which was successfully done. At the same time we got some interesting statistics, and we want to share it.
So, there is a service that does not require checking e-mail before creating an account. At the time of writing this post, we have about 5,000 registered users. Of course, the absence of spaces, the presence of "dogs" and other obvious errors were indicated to the user at the input stage, and therefore they did not hit the base. It turns out that we cannot reliably understand whether the user was mistaken on the left side of the e-mail (one cannot exclude that he was sealed, but one cannot be sure that he did it), then it should be immediately discarded. What we have after this is a domain, and in the domain there is a top-level domain.
It turns out that more than one percent of users are mistaken and use instead of the top level domain .com, the domain .con, this is due to the similarity of these letters and the adjacent location on the keyboard. No such problem was detected with domains in the .ru zone. Also, by indirect signs (the left part of the email and other characteristics) at least one more percent of users (of the total number, not only in the com zone) were found who noticed the error and fixed it (i.e. there are two very similar accounts in the database one of which is inactive).
')
In total, we have at least 2 percent of incorrect e-mails. Do I need to do anything about it? For this you need to answer the question
Why did you ask for email?
To write letters to him sometimes?
Extremely, survive.
So that the user has a history and / or he would not have to register again?
Most likely, also survive.
To send the user information about the order, etc.?
The user will have to worry about, until he receives his purchase or call the manager. Or even contact technical support. Probably it is worth tagging orders for which it was not possible to deliver the letters, and when calling such users to further specify the e-mail.
So that the user can store useful things in your service?
Now this is more serious, he wants to enter again, and it will not work. And well, if you guess what the reason. But you can register again and start screaming that the data is gone.
How can I fix this?
Black or white list? You can check the top-level domain for availability in a predefined list, which will need to be updated frequently (see, for example, habrahabr.ru/company/yandex/blog/180355 ), or on the fly check for data.iana.org/TLD/ tlds-alpha-by-domain.txt , or vice versa filtering explicitly opachetnye domains, like .con.
Ban or allow? Should I prohibit registration if, in our opinion, the e-mail entered by the user is incorrect? It seems to me that it is not, but it needs to be warned and proposed to fix it.
Offtopic: I am terribly enraged by the requirements of sites to enter a password longer than 7 characters, and that it contains different letters, numbers and punctuation marks, although I know that I will never return here again. Oh yeah, you can not use the password password, but gfhjkm will certainly fit. But you can warn the user that his password is weak and, if he still uses it, then no complaints will be considered. Although as shown by the experience of communicating with different services, they still will not be considered.
How it worked in ancient times
- What is written here? - asked Frodo, who tried to read the inscription on the arch. “I thought I knew the letter of the elves, but this I cannot read.”
“These are the words of the elven language of antiquity from the west of Middle-earth,” answered Gandalf. “But they don't say anything important to us.” This is what they mean: The door of Durin, Lord of Moria ... Tell, friend, and come in.
- And what does “say, friend, come in”? - asked Merry.
“That is clear,” Gimli replied. - If you are a friend, say a conditional word, the door will open, and you will be able to enter.
“Yes,” Gandalf confirmed. - This door is probably controlled by the word.
<...>
He went back to the rock and lightly touched the silver star in the middle with his staff, under the sign of the anvil. In a powerful voice, he said:
“Annon Edholen, Edre hi Ammen!”
The silver lines dimmed, but the gray stone did not falter. Many times he repeated these words in a different order, varying them. Then he tried other spells, one after another. Nothing has happened.
<...>
“I was wrong after all,” said Gandalf, “and Gimli too.” Merry, the only one of all, was right. The opening word was written all the time on the arch. The translation was supposed to be this: say "friend" and come in. I just uttered the word "friend" in Elvish, and the door opened.
What to do?
Website or application?
If a user uses the site to access the service, he is more likely to encounter re-entering an e-mail / password (although browser suggestions for remembering a password tend to protect him from this) than if registration is done directly on a mobile device: user will enter the e-mail / password once and never again :) will not enter it. And when the couple comes to change the device, it may not be possible to access the old one to find an erroneous e-mail.
So check e-mail or not?
There are three e-mail verification policies:
- verification is required until the user confirms the e-mail can not do anything;
- verification is optional, but part of the functionality is not available until the user confirms the e-mail;
- check missing.
If you have a website, then you can use the second method, and it is not necessary to limit the functionality, you can not very annoyingly remind. If you have an application, you can try to enter a hybrid e-mail verification option: an e-mail is sent to the user, if he does not confirm it within a week, the application may show a reminder to check the mailbox or make sure the e-mail is correct .
And as a bonus, let me present some more statistics:
- 65% of all users of the service are registered in the .com domain;
- 41% of all service users use gmail.com as their email address;
- 25% of all users of the service are registered in domain.ru.
- 17% of all users have unique domains for this service.
Source: https://habr.com/ru/post/264539/
All Articles