[DTrejo]

We ask for very little information from users, and asking for an email to reset the pass felt like too much.* Thanks for bringing this up as we are probably going to change this and make it more secure.

*when you can see your pass it's harder to forget

[blasdel]

Please stop paying attention to Jakob Nielsen.

Password masking, along with asking for a password confirmation, is what everyone expects. Any affected attempt at 'simplifying' that UI without a total transformation (like no accounts at all, not shit like openid) leads directly to anger and disillusionment when their plaintext password is staring them in the face.

Use <input type=password>. Use two of them when registering, and one when logging in. It's a basic affordance, don't fuck with it.

[DTrejo]

How would you feel if we obliterated accounts completely?

[blasdel]

Well, are they doing anything now?

I've been favoriting tracks but it's not clear that it has any effect on what gets played. You're saving the tracks I fave, but then I can't do anything with them except delete them — which should absolutely not use the same heart icon you use for creation. I clicked it thinking it would play that track again, and POOF.

[SkyMarshal]

Three fields should be ok - username, pass, confirm pass. Better that than visible passwords. If users want to add their email and other info later, have an Account page for that.