Should I require username at login?

[homonculus]

I'm putting together my first website, and I'm wondering if I should bother asking for a username at login. If the password is long enough, won't that be just as difficult to geuss randomly as a shorter username and password?<p>Assuming the answer to that is yes, it a good idea to force users to choose a password, or would that be inconvenient?

[psuedonym]

The number of people who pick '12345' or 'password' is astronomical. And forcing them to remember a "strict" password is more detrimental to the user experience than just having a user/password combination.

Besides, what are you going to do if you get dupes? "Sorry, that password is already in use"?

[homonculus]

I see now that it is a terrible idea. Thank you.

[staktrace]

If you need to allow identification of users, you'll probably want some sort of username. And adding a username later will be harder than putting one in now. Also, any deviation from what the users expect/are accustomed to (i.e. username/password) will lead to user confusion. I would just go with the standard username/password login.

Personally I don't mind if you generate a random password for me, but either way works.

[homonculus]

There would be a username, it just wouldn't be a part of the login process. I'm inclined to go with a better system instead of what people are expecting, but that's probably bad policy if I want users :) . A randomly generated password might solve the duplicates problem, but I guess I'll just stick to the standard format. Thanks for the feedback.