User Accounts & Why You Need Dozens

Paris, France

The picture I've been painting in the last few posts (sources of truth, software versioning, and deployments) is that unlike navigating the physical world, navigating (and understanding) digital spaces is not as simple as your senses may lead you to believe.

A common source of frustration for many users of software is the concept of accounts, with questions like:

  • Why does everything need an account?
  • I've already given my name and phone number, why do I need to do it again?
  • It won't accept my password. Why?

A comprehensive answer is circumstantial, but there are some key ingredients in ownership and access rights and the division of labour. Often what users experience as one fully integrated software solution is actually many different services that may not have robust connections between them for practical reasons that aren't front of mind when you're using software.

Today, most people generally agree that companies should not have free access to our data without our consent. They also generally agree that of the access these companies do have, they should not have the right to share it with whomever they wish without our consent. However, as users we are interested in convenience, and in specific scenarios we would like every service to know exactly who we are because telling them each and every time is quite time consuming, feels like a lot of work, and it can be quite difficult to maintain a working knowledge of what information has been given to which companies.

So there are clear tensions that play out in a very visible way to anyone who uses contemporary software, and these tensions are a product of material concerns that come into conflict with each other: privacy, convenience, and, between companies, competition. More trade-offs to add to the pile introduced in the introduction to code and in the piece about deployments.

There are also ways that user accounts add friction to the software development lifecycle prior to release, and they are related at least in part to the discussions in sources of truth and deployments. In the world of mobile apps, publicly released software is generally available to all users that are authenticated (or signed in) with the relevant storefront. For projects with multiple environments, the non-production environments are generally in a state where they are not publicly available, and access to them is by invitation only. Most modern applications also require that users have accounts with them (not just the storefront) and sign in to those accounts to access general functionality. To reiterate, there is nothing necessarily coupling the account from the storefront with the account inside the app. I know from experience that this is a point of confusion for many, many people. On a similar note, it may shock you how often people assert that they have an account with one email address only for it to have been with another.

If you take these truths together, it means that to be able to investigate the state of your project on all 3 tracks, you probably have 6 layers of authentication to navigate between the storefronts and the authentication system that belongs to the app itself. For many projects that is not the end of the story either. As I mentioned in deployments, in the mobile world there is an abstraction layer over payment systems to facilitate testing a purchase flow both with real spending and without. This adds another dimension of variations, bringing our 3-track application with its own login to 12 possible permutations.

Trust me on this: it can get much more unwieldy.

Part of what makes this so problematic to manage is that there are boundaries of ownership and responsibility that are completely invisible. A topic in and of itself. I've used the term 'digital multiverse' in previous posts about the thread that I am currently exploring, but I think that might be a little too sci-fi. The important concept embedded in the term is that to truly understand what is going on in the digital world you really need to dig in and wade through a field of seemingly conflicting information. A field of truth. There are other aspects too, and I'll write about them soon.

Until next time.