The importance of two-stage sign ups

We’ve probably all used sites where all you have to do to sign up is provide an email address and a password – and, hey presto, you’re a registered member and you can post messages, upload photos, fill in surveys, etc, etc.

A moment’s thought reveals that using such a system on your own sites is a daft idea – there are simply no checks to ensure that the submitted email address belongs to the person signing up, or even that it is a real email address. Of course, you can validate the email address (use the world’s most complicated regular expression, or PHP’s filter_var function, or just check the string contains an @ sign – I’ve seen all three methods used, and often in the same codebase), but this does not guarantee that an email sent to that address will ever reach the person it is intended for.

But, from a business perspective, whenever you need to contact your registered users, you can fall foul of systems put in place to protect real inboxes. Suppose you have a few hundred registered users with non-existent email addresses – let’s say that most of them are addresses that our users have helpfully just made up. Then, suppose we decide to email all our users – chances are, a database query will get the email addresses to send to (possibly in alphabetical order) and some code then sends off the emails. Most of them will bounce of course, and we’ll probably ignore the bounces.

But, from the point of view of Hotmail – it just looks like some server is sending emails to random addresses – and the sender will probably be checking to see which ones don’t bounce – a classic sign of namespace-mining – “bombard a domain with loads of made-up email addresses and see which ones don’t bounce”.

So, the moral of this tale is – if you need users to sign up to your site, and you need an email address, insist on a two-stage authentication where your user can confirm that they can receive emails at the address they give to you. Obvious really.
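
A sketch of the two-stage sign-up described above, added here as an example and not code from the original post. The class and method names, the 24-hour expiry and the in-memory store standing in for a users table are all assumptions.

```python
import hashlib
import hmac
import secrets
import time

TOKEN_TTL = 24 * 3600  # assumed lifetime of a confirmation link, in seconds


def _digest(token):
    # Only a hash is stored, so a leaked table cannot be used to confirm accounts.
    return hashlib.sha256(token.encode()).hexdigest()


class SignupStore:
    """Hypothetical in-memory stand-in for the users table."""

    def __init__(self):
        self.users = {}  # email -> {"token_hash", "expires", "confirmed"}

    def register(self, email, now=None):
        """Stage one: record the address as unconfirmed and return the token to email."""
        now = time.time() if now is None else now
        token = secrets.token_urlsafe(32)
        self.users[email.lower()] = {
            "token_hash": _digest(token),
            "expires": now + TOKEN_TTL,
            "confirmed": False,
        }
        return token  # goes only into the confirmation email, never the HTTP response

    def confirm(self, email, token, now=None):
        """Stage two: the user proves they can receive mail at this address."""
        now = time.time() if now is None else now
        user = self.users.get(email.lower())
        if user is None or user["token_hash"] is None or now > user["expires"]:
            return False
        if not hmac.compare_digest(user["token_hash"], _digest(token)):
            return False
        user["confirmed"] = True
        user["token_hash"] = None  # single use: the same link cannot be replayed
        return True

    def mailing_list(self):
        """Bulk mail goes only to confirmed addresses, so made-up ones are never sent to."""
        return sorted(e for e, u in self.users.items() if u["confirmed"])
```

The point for the bulk-mail scenario is mailing_list(): the query that feeds a mass mailing filters on the confirmed flag, so addresses that were never confirmed cannot generate the run of bounces that looks like namespace-mining.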