Four Fatal Flaws Screwing Up Your User Acquisition
User acquisition is the key, right? It’s the tech/SaaS/nerd dream. Build something and the users will come. You don’t need their money, just their email, their eyes, and their attention. The VCs show up, throw money at you, and you become a 10x hero.
But if you can’t get onboarding right, you can forget about user acquisition. Here are four fatal onboarding flaws you need to fix right now:
Stupid (not a strong enough word) Password Requirements
Why, oh why are you still mandating super bizarre password requirements? The other day (no lie) I was attempting to create an account on a system that required an 8-character password. Not an 8-character minimum. Exactly 8. Some security, huh? But they did require at least one numeric digit. I’m estimating that a brute force attack on a known length password of 8 will take about that many seconds to complete. And if your validator won’t allow a secure password generator to do its job, we’ve got a major onboarding issue. I’d much rather you issue me a password. Heck, email it to me later. But don’t make me bail on your onboarding process because it took me 30 minutes to figure out your password formula.
I’m a huge fan of some combination of these password creation parameters (bonus points if you have a majority subset):
- Expose one password input field.
- Ability to generate a compliant, secure password with a button.
- There are four character types, but don’t make me use all of them and don’t prevent me from using any of them.
- Don’t artificially limit the number of characters. Some users like 60-character passwords. Let them use them.
- Be password manager friendly. In fact, you should encourage password manager use explicitly.
- Allow users to see their password by enabling some control. This is important for the first two items to be usable.
- Allow users to be emailed a password or even just a password reset link they can use upon activation. This practice excludes a password input from your onboarding process entirely and can be a huge winner if you can allow some operations within the first unvalidated session. Create the account, log them in behind the scenes, and give them limited access until they validate their email and set a new password.
- Clearly explain why a non-compliant password doesn’t fit when they try to create one.
This is a huge first step in getting onboarding right. It’s the place I bail most frequently on creating accounts.
Too Much Up Front Information Capture
Why do you need my shoe size to help me automate my sales process? You probably don’t. Think about your onboarding forms. What is 100% essential? Start at the end. What outcomes are important for the user’s experience with this account? Keep those and only those. At least for the moment forget about yourself and your big creepy data grab. The user has landed in your onboarding process because they suspect you can serve a need. They’re anxious to get to the good stuff. Every input you eliminate from the pre-good-stuff is critical. If that means your pre-validated user acquisition process is only an email address or a phone number, you are winning the game.
Confusing Order of Operations
While you’re user testing, as soon as someone says “what am I supposed to do now?” find out exactly where they snagged and write the following note:
Rethink step y.
Don’t try to defend, explain, and instruct. Fix it. I’m always inclined to discourage instructional videos – across the entire usability life cycle of a product – but it’s even more critical while onboarding. Remember the user wants the good stuff. Give them an easy and direct call-to-action to the good stuff.
Bad Validation and Error Reporting
I’ve always preached that negative testing is as important as good development. And negative testing is the best way to reveal that input validation best practices got skipped during development. It’s super easy for even a really thoughtful developer to say “I’ll fix that validation error message later.” I was trying to create an account recently with a major U.S. retailer and gave up completely when a form submission silently failed 5 times. In fact, I wound up giving up completely on my order because backing out of the account creation form (with their back button) emptied my cart. Bad form, folks. Bad form. Be clear about what’s wrong. Please.