Some of us don’t want to log in from a social media account.

If you’ve been on the internet for a bit, you’ve probably heard of blogging. And if you’ve ever dabbled with blogging, you know that there have been a lot of contenders trying to claim the majority share of the space. You have content management systems like Drupal and Joomla. You’ve got total website packages like Wix and Squarespace. And you have the blogging software titan, WordPress.

Then Medium came along, an elegant option for blogging that doesn’t require software installs, MySQL databases, hosting packages, or custom themes.

It modernizes a lot of features and makes more accessible the internet writing platform. Sometimes it modernizes to a fault, like not allowing users to have custom headers or layouts without making a publication, even if users just make a publication with the same name. Then you have to publish everything to two channels. Sometimes editing options could be more clear, like creating grids with multiple photos.

Either way! It’s a fantastic and simple option, but with one major flaw: Medium has an overly involved login process. The easiest way to log in is to connect from an external source like Twitter or Google. You can log in using an email address, but you must verify with an email confirmation link every. single. time.

A complaint I’ve heard plenty of times has been that users have their hand held when creating passwords and with security settings. Rather than issuing out a simple and clear warning that your password can be simple but may be compromised, companies force users to create passwords with special characters, upper and lowercase letters, and numbers. It seems clear that companies are trying to reduce the number of support requests because of hacked accounts, but if a concise warning is displayed when creating an account, part of that warning can describe that free accounts may not receive support or that they are of low priority.

The same is true of services like Steam, which enables Steam Guard by default and which I have turned off because of how time-consuming and annoying it is when I try to use even simple features. Want to leave a review? Ah, please enable Steam Guard, then wait 24 hours, then try to post a review, and then confirm via email code. Christ, a review is not a security threat, and users are free to up or downvote reviews they don’t like, a corrective system that already works for spammy or bad reviews.

Unfortunately, Medium follows this same design. If you are a privacy advocate or for whatever reason do not use Twitter or Google (there are plenty of good reasons), you are required to log in with your email address, then confirm via email link. There is no option to disable this security feature, to let Medium know: “eh, I’ll take my security into my own hands.”

This is a time-consuming issue because many privacy and data security advocates, and users that simply don’t want to manually do so, use plugins like Cookie Autodelete and/or tell their browser to delete cookies and history upon closing said browser. In other words, if you use Medium often, you have to log in and confirm via email. Often.

What’s the solution? Simple. Allow users to disable this feature and implement a simple pop-up login option. Rather than having to navigate three pages (click log in, click log in with email, type in credentials, navigate to email, click on email, click on email link), users can go to medium.com, click log in, and type their credentials into a pop-up.

To the staff at Medium, thanks for making such a great writing platform. Let’s release the hands of users so they can get to work!


Photo by Chepe Nicoli on Unsplash

This post on Medium

Leave a comment

Your email address will not be published. Required fields are marked *