On Wed, Jan 21, 2009 at 3:01 PM, Bill Moseley <moseley at hank.org> wrote: > Again, my preference is to ask for the email once and then send a > confirmation (which provides either a one-time password or a URL to > confirm the registration (or whatever). If the email is critical, this is what you do. If it's not critical, don't annoy the user by asking them to enter it in twice. > Anyway, it's something to debate, but without a real study there's > probably no proof what effect entering the address twice has. We can reasonably assume that typos happen independently of each other with some probabilistic frequency. Intuitively, the chance of making a typo in both email address fields is smaller than the chance of making it in one. The chance of making the SAME typo(s) in both fields is nearly zero. I'm not saying it doesn't work in identifying typos. It does. I'm just saying it's a pointless exercise. I get emails all the time from a particular person in New York who insist she owns mwarden at gmail.com and puts it in as her email address no matter how many times I point out the error and forward her her emails, etc. The typo method does not ensure that the user actually owns the address in question. If email is important to your app, you need to verify it. -- Matt Warden Cincinnati, OH, USA http://mattwarden.com This email proudly and graciously contributes to entropy.