Implemented Registration Process Changes

[Russ]

I've noticed a lot of discussion on the registration process but no specific suggestion (to an extent). I too am really fond of a simple way of signing up, while DOB is optional I think it should be taken a step further:



Require user to check TOS: This would be nice if a user didn't have to actually check the box, instead, a simple "By registering you're agreeing to our terms and rules.

Require Confirm Password: Simply takes out the second password step, lost-password link always there if they were to mess up.

The new form loaded in an overlay for kicks:


reCaptcha is optional of course.



Lastly upon completion a nicer completion screen would be nice, old one:




New ideas with a quick edit:

 

[RobParker]

DOB is a legal requirement (in most countries) isn't it?

 

[Russ]

DOB is a legal requirement (in most countries) isn't it?

Technically XF has it as an option already so I left it out of the conversation. As for the legality of it not entirely sure.

 

[jmurrayhead]

Great suggestions, Russ. Now more than ever, you will see less fields on registration forms. Most people tend to have a "I ain't got no time for that" attitude if they can't quickly register. It's more of a roadblock than anything else.

 

[ŽivaAkcija]

also need to be resolved registration weird usernames with lots of numbers and CAP like SPOK2345 or darK2424

 

[Sheldon]

This could easily be one of the smartest, thought out suggestions I have seen in quite some time.

If not added to core, this will be a must have download.

Good stuff @Russ

(also, I agree with the removal of Captcha)

 

[Chris D]

I'm going to mark this as implemented for now. We've ended up with this:



The main changes being that the password confirmation field has been removed and the checkbox to confirm rules etc. has been removed. Now the form is much simpler for the general case, it also now loads in an overlay (overlays are generally improved in XF2 anyway, especially when it comes to longer registration forms so it should still scale well to forms with lots of custom fields or additional functionality).

There are no options to control this, this is just how it is by default (minus the captcha).

(also, I agree with the removal of Captcha)

This of course is already possible, because you can already switch off the CAPTCHA if you feel it provides little benefit.

However, we won't be disabling the CAPTCHA by default as arguably it does still present some benefit to prevent automated sign ups (some bots may still have ways around most CAPTCHAs but most CAPTCHA systems will evolve and close any vulnerabilities).

We haven't disabled the CAPTCHA here, instead we're now using the reCAPTCHA invisible option. You might have noticed we marked that suggestion as implemented last week. We've now enabled it here. When you enable it for your own sites (beta 1 onwards) you will need to register your own API keys and ensure they are set up for invisible mode.

Lastly upon completion a nicer completion screen would be nice, old one:

New ideas with a quick edit:

Certainly not an unreasonable suggestion, but mostly a separate concern to the registration process itself. Might be worth creating a separate suggestion

 

[Alpha1]

Nice one. Thanks!

 

[RobParker]

No longer forcing the rules acceptance before registering isn't great :-(

From a legal perspective it's probably bad for some people but also just from a general moderating one, not being able to say "you agreed to the rules when registering" is pretty bad.

 

[Alpha1]

IME it doesnt matter. You still need to force members to read the rules or else they will not look at it. Very few people review ToS when they register. Its best to force after registration.

 

[Chris D]

From a legal perspective it's probably bad for some people but also just from a general moderating one, not being able to say "you agreed to the rules when registering" is pretty bad.

You can say that, because they did. Clicking "Register" is acceptance as clearly stated. The default terms that they're "agreeing" to also clearly states acceptance is merely implied by using the site:

If you do not agree with these terms, please do not register or use the Service. Use of the Service constitutes acceptance of these terms. If you wish to close your account, please contact us.

You'll find that implied acceptance is pretty much the norm, globally.

 

[Dakota Storm]

IME it doesnt matter. You still need to force members to read the rules or else they will not look at it. Very few people review ToS when they register. Its best to force after registration.

They don't have to read it, the simple fact that it exists on your sites means they are bound by it, whether they've read it or not.

 

[Alpha1]

I have added this suggestion here:
Force members to read the rules (after Registration and on Warning)

 

[Xon]

They don't have to read it, the simple fact that it exists on your sites means they are bound by it, whether they've read it or not.

It isn't that simple; https://en.wikipedia.org/wiki/Browse_wrap

You really need to be able to show proof they have seen the terms & services.

 

[Russ]

First 4 sites I picked randomly:




I swear there's a bug with XenForo and I'm going to find it, text keeps getting removed after attachments!

Anyways 4 major sites Twitch/Facebook/Twitter/Reddit approach it the same way XenForo is going.

 

[Sheldon]

It isn't that simple; https://en.wikipedia.org/wiki/Browse_wrap

First 4 sites I picked randomly:

If Twitter, and the ruler of the interwebz (Facebook) say its okay, or have been doing what XF is starting to do now, I'd say it is that simple.

I'm ~99% CERTAIN their legal teams have went through every possible scenario.

 

[Robust]

It isn't that simple; https://en.wikipedia.org/wiki/Browse_wrap

You really need to be able to show proof they have seen the terms & services.

This isn't a case of browse-wrap

From the page you linked:

In Ticketmaster v. Tickets.com, the court looked at a breach of contract claim where the terms and conditions were situated at the bottom of the home page in "small print." [4] The court ruled for the defendant in this case but did allow Ticketmaster to replead if there were facts showing that the defendant had knowledge of the terms and implicitly agreed to them.

and

The judge further ruled that Tickets.com was not legally obligated to abide by Ticketmaster's terms and conditions because they were not "open and obvious and in fact hard to miss".[28] The terms and conditions were located at the homepage's bottom and viewers did not have to assent to them to access the website.[29] Regarding the trespass to chattels claim, his decision noted that "it is hard to see how entering a publicly available Web site could be called a trespass, since all are invited to enter".

If you can make it obvious enough that a user must've seen the terms, then that would be implicit agreement. As ruled by the court, implicit agreement is a form of agreement. Having it literally on the registration page is making it obvious enough for the user to see it.

Edit: Context helps, to the guy you were responding to, simply having terms somewhere on your site, according to these rulings, does not make them binding.

 

[ibnesayeed]

Those who are interested in the matter of the license agreement might want to enjoy this thought experiment My Web Browser's Terms of Service.

 

[Dakota Storm]

The company I work for is a mail order/internet order plant company, we have a physical paper catalogue and a website, our ToS is on the website and not in the catalogue, the simple fact that it exists on the website means all of our customers are bound by it, whether they've been ordering from the catalogue for the last ten years and never once loaded up the website or not.

 

[Robust]

The company I work for is a mail order/internet order plant company, we have a physical paper catalogue and a website, our ToS is on the website and not in the catalogue, the simple fact that it exists on the website means all of our customers are bound by it, whether they've been ordering from the catalogue for the last ten years and never once loaded up the website or not.

The logic shown in those decisions seems to indicate that unless a user was directed towards the terms they don't apply. So, if you have a book and at the back, in very small text, you have a bunch of terms that didn't have to be seen until you finished the book, I don't think that'd work. Same goes with a website, simply having "Terms of Service" at the bottom of a site doesn't make it automatically apply to every visitor, as that ruling shows. If you show them, or link to them, on a registration forum that's implied agreement, since the user was informed and linked to them.

Simply having them on a website doesn't make every visitor bound by them.