Let's talk about usernames


142 bookmarks. First posted by alanthonyc february 2018.


Dealing with usernames is trickier than people think... Here're some advice on how to handle them:
from twitter_favs
may 2018 by rukku
Great article on the edge cases around usernames and emails in site identity.
django  authentication  security  unicode  design 
april 2018 by brianly
The ideas above are not an exhaustive list of all the things you could or should do to validate usernames in sites and services you build, because if I started trying to write an exhaustive list, I’d be here forever. They are, though, a good baseline of things you can do, and I’d recommend you do most or all of them.
web  dev  security  tip  list 
april 2018 by Volgar
indentity and identifiers are much trickier than it seems

* Tripartite Identity Pattern
* uniqueness (case, Unicode normalization and homographs, e-mail addresses etc.)
* reserved identifiers
* …
software-engineering  python 
april 2018 by FND
tripartite identity pattern
unique usernames with unicode normalization
three part user schema
programming 
march 2018 by baddox
Let's talk about usernames
authentication  Django  unicode 
march 2018 by ronnix
Published: . Filed under: Django, Pedantics, Programming, Python, Security. A few weeks ago I released django-registration 2.4.1. The 2.4 series is the last in the django-registration 2.x line, and from here on out it’ll only get bugfixes. The master branch is now prepping for 3. via Pocket
Pocket 
february 2018 by driptray
Published: February 11, 2018 . Filed under: Django , Pedantics , Programming , Python , Security . A few weeks ago I released django-registration 2.4.1. The 2.4…
from instapaper
february 2018 by indirect
Comprehensive overview to all of the challenges to assigning usernames.
development  django  identity 
february 2018 by danielbachhuber
Let’s talk about usernames Published: February 11, 2018 . Filed under: Django , Pedantics , Programming , Python . A few weeks ago I released…
from instapaper
february 2018 by johnrclark
Let’s talk about usernames Published: February 11, 2018 . Filed under: Django , Pedantics , Programming , Python . A few weeks ago I released…
from instapaper
february 2018 by jlogar
• Be case-insensitive
• Unicode-canonicalize them
• Ban Unicode’s “mixed-script confusables”
• Block ones like “postmaster”, “www”, “.well-known*’ “contact”…

Specifics and handy links included.
web  security 
february 2018 by tigt
What could be easier than letting your service’s users pick usernames? <cue sepulchral laughter>
from twitter_favs
february 2018 by cobralibre
RT : Usernames: Challenges of building a login system for Internet software
from twitter
february 2018 by dunstan
Published: February 11, 2018 . Filed under: Django , Pedantics , Programming , Python , Security . A few weeks ago I released django-registration 2.4.1. The 2.4…
from instapaper
february 2018 by iany
Challenges of building a login system for Internet software
internet  login  django  username  name  security 
february 2018 by nelson
Notes on managing user identity (system-level, authentication key, and public identity). Hadn't really thought about the unicode confusables angle much; will have to read about that more.
Development  Identity  Unicode 
february 2018 by jonchambers
Let’s talk about usernames Published: February 11, 2018 . Filed under: Django , Pedantics , Programming , Python . A few weeks ago I released…
from instapaper
february 2018 by h-lame

Usernames — as implemented by many sites and services, and by many popular frameworks (including Django) — are almost certainly not the right way to solve the problem they’re often used to solve
article  security  unicode  webdev  development  programming 
february 2018 by davidgasperoni
I’ll write more about that sometime soon, but right now I want to spend a little bit of time talking about a deceptively hard problem django-registration has to deal with: usernames. And while I could write this as one of those “falsehoods programmers believe about X” articles, my personal preference is to actually explain why this is trickier than people think, and offer some advice on how to deal with it, rather than just provide mockery with no useful context.
django  devops 
february 2018 by bjcubsfan
I’ll write more about that sometime soon, but right now I want to spend a little bit of time talking about a deceptively hard problem django-registration has to deal with: usernames. And while I could write this as one of those “falsehoods programmers believe about X” articles, my personal preference is to actually explain why this is trickier than people think, and offer some advice on how to deal with it, rather than just provide mockery with no useful context.
authentication  design  security  unicode  usernames 
february 2018 by bezthomas