Security issues if not forcing a user to sign up

I've built a simple web app Flask.io that enables users to create and share to-do lists.

It doesn't require sign up. This is an important differentiator. I don't want to force the user to register for a tool they haven't used yet.

How it works is when they create a list, a random slug is generated and they are redirected to that unique url e.g. flask.io/random-slug

My question is what security implications are there?

Removing sign up should improve the on-boarding UX, but is it worth it in exchange for a not as secure system, and should I introduce registration further down the flow?

The random slug is 5 characters long. Would love to know your feedback especially if any experience here.

Tags: an event apart, smashing, speckyboy, UX Interview, ux stack, UX Stack Exchange, UXBooth

Security issues if not forcing a user to sign up

UX in 2018: The human element

Three Takeaways from the Hawai’i Missile False Alarm

UX in 2018: Content

UX in 2018: Design, Development, and Accessibility

The Power and Danger of Persuasive Design

Security issues if not forcing a user to sign up

Related Posts