forms - How much information should you ask for when users register?

So the company wants all the information it can get on the users of its site, but how much should be asked for upon registration?

On one hand, it would be easier for the users to enter only personal details once. On the other hand, this can lead to distrust by the users: Why do they want this information? Do they don't need it?

For example, if the user wants to buy something, an address is needed. Should this be asked when the users register, to make buying stuff easier?

Answer

Here's a must-read article -- BestBuy saw a $300 million increase in annual sales via their online store by not requiring users to register at all to buy products (this means they would have to enter their address, etc. every time they bought something). If that's not enough,

Later, we did an analysis of the retailer's database, only to discover 45% of all customers had multiple registrations in the system, some as many as 10. We also analyzed how many people requested passwords, to find out it reached about 160,000 per day. 75% of these people never tried to complete the purchase once requested.

This speaks volumes against requiring user registration at all. It makes sense for something like Amazon, where customers frequently re-purchase things, but not so much for... well, most other online stores. If you're not convinced, consider these two scenarios -- which is worse for the customer?

Scenario 1:

• The user buys something & enters in address, billing info, etc


• Six months later the user wants to buy something else



• The user must re-enter address, billing info, etc.

Scenario 2:

• The user buys something & enters in address, billing info, etc


• The user is also told to register and must think up a password


• Six months later the user wants to buy something else


• User clicks "register" and thinks up a new password


• The user is told the e-mail address is in use, and to log in with a password


• User looks for tiny "Forgot Password" link



• User must enter e-mail address a second time, because none of these sites ever remember the thing you just entered


• User needs to answer a "security question" -- did she make a typo on the name of her elementary school when she was registering? it was never verified... If so, she's now locked out of your site forever


• User goes to Gmail/Hotmail/etc (and away from your site -- will she return?)


• User needs to think up a new password


• Oops! I've moved! How do I change the address in the system?


• No, not the billing address, just the shipping address!


• ...

Or maybe the user uses the same password for everything (as many do -- including me at this point, despite being an IT professional). This is an obvious security risk, since it's easier for someone to get hold of the password if it's used for everything, and this password now opens up access to addresses, possibly billing info, etc. via your site.

DON'T REQUIRE REGISTRATION! -- If you must, consider something like Orbitz does, where you can optionally register by entering in a password on their registration form. In addition to saving your data for repeat purchases, you can also log in to check your flight status, something customers might want to do.