Don't Forget Your Logged Out Users

I find myself saying this quite often these days to entrepreneurs and their product teams. It's something that I've noticed working with leading social platforms like Etsy, Twitter, Tumblr, and others. Services such as these have a large number of their users accessing the service regularly on a logged out basis.

I can visit my friend Daryn's tumblog without logging into Tumblr and often do. My son can visit LeBron James' Twitter without logging in and often does. My daughter can check out vintage items on Etsy without logging in and usually does.

At some point, if you want to deeply engage, or in Etsy's case transact, you'll need to log into social services. But you can get a lot of value from them without logging in. And without divulging confidential information about our portfolio companies, I can tell you that a huge number of regular users of these and other services don't log in because they can get a lot of value without logging in.

I got into a comment discussion on Steve Rubel's blog this morning on this topic. Some social services, like Facebook, require login to access most of the content you'd want to consume there. They don't have to think so much about the logged out user. But other social services, the ones that are public by default, have to think very carefully about the logged out user because they logged out user base is huge and valuable.

I think that social services that are public by default and have huge logged out user bases, should "phantom register" their logged out users by storing activity against their cookies and building user profiles on their logged out users. This does two things. First, if those logged out users eventually register and become logged in users, this "phantom profile" can help the user get a lot of value from the service right away. And second, this "phantom registration" might allow the service to permit lightweight engagement without logging in. Lightweight engagement might be favoriting an item on Etsy, hearting something on Tumblr, or starring something on Twitter. 

There is a 100/10/1 "rule of thumb" with social services. 1% will create content, 10% will engage with it, and 100% will consume it. If only 10% of your users need to log in because 90% just want to consume, then you'll end up with the vast majority of your users in the logged out camp. Don't ignore them, build services for them, and you can slowly but surely lead them to more engagement and potentially some day into the logged in camp.


Comments (Archived):

  1. andyswan

    Great post.  One of the most difficult things to do is create a registered user without them realizing that they’ve registered.  Think about how venmo, amazon, proflowers, disqus, etc all learn about you as you go. Half the people don’t even know they have an “account” at some of these places…the site just “works better every time I go”.  It’s really hard to do, and takes a LOT of thinking/scenarios/testing….but as Fred points out here…it’s worth it.  Can you make your app “work better everytime I use it” without a formal registration?  Protip:  Pretend your “register” or “sign up” button will be irreparably broken for the next 6 months….what do you do? 

    1. Guest

      Interesting thoughts & comments Andy. I had not interpreted and thought about Fred’s post in that manner. I see what you mean though.UPDATE: Andy, this sentence from Fred above did not register initially apparently”I think that social services that are public by default and have huge logged out user bases, should “phantom register” their logged out users by storing activity against their cookies and building user profiles on their logged out users.”

    2. Aaron Klein

      One of the key things to assess is whether you’re affecting quality by doing engagement with unregistered users.I would argue in most cases that you aren’t, but I wouldn’t want to base Google search results on the basis of +1s from unregistered users.We’ve got some interesting competitive aspects for the economic predictions and portfolios in our risk/reward decision tool, and we were already planning to follow the precise model Fred is suggesting and allow logged-out users to vote.It’s going to be really interesting to see if we can spot “vote fraud” (i.e. a series of votes for a single portfolio, all coming from the same IP address, in rapid succession, or something like that).

      1. andyswan

        We had similar problems at mytrade….good point

      2. Dale Allyn

        Aaron, one common practice is to set a cookie with those who have voted, so that the option to vote again is dimmed or hidden once the cookie is in place. Sure, they can clear the cookie, but the majority of users across the broad internet aren’t likely to do so. A tech-oriented project would have different expectations though. 

        1. Aaron Klein

          Of course. I didn’t state it but the underlying assumption behind any vote fraud kind of scheme is a script that votes, deletes the cookie, rinses and repeats. 🙂

          1. Dale Allyn

            Yep, if your application is one to attract such participants, i.e. there is significant advantage to someone by “vote fraud” then one should expect to see it. In which case, without protection against it, the votes may be meaningless… as you imply. Anyone capable of providing a bot to execute as you describe is also capable of rotating IP addresses, staggering execution times, and other markers. Lots of troublemakers out there. 😉

          2. Aaron Klein

            Certainly true. It will be interesting to see whether we have to deal with that. One of our engineers has several different correlations he thinks he can use to spot it. And if we do spot it, we can simply disregard those votes; we don’t have to “arrest” those involved. :)We think that’s well worth the risk to drive the kind of engagement Fred is talking about here.

          3. Dale Allyn

            “And if we do spot it, we can simply disregard those votes; we don’t have to “arrest” those involved. 🙂 “Aaron, I think we see this quite similarly. Not knowing your application, I can’t comment on the importance or risks associated with the voting, but it’s easy to agree on the importance of user experience and the ability to fuel engagement.

          4. acrookston

            It’s far easier than that. Cookies are only a response from the server, telling your client (usually a browser) to store this content for X amount of time. It’s entirely up to the client to save and send this cookie string in following requests.This makes it possible to write a one-line terminal command to loop and send a huge amount of requests. Actually, this is how you do it:while true; do curl (insert URL); doneThere is no SAFE way to solve this without a safe registration. But a couple of good measures to take is anti-hammering while looking at the request signature (ie, speed and browser-agent) not only IP. this gets rather complex and I already feel I got off topic.

          5. Aaron Klein

            I guess I was being overly simplistic when I said “delete the cookie” but yes, there are many ways to ensure that fringe candidates win the online presidential straw polls, are there not? 😉

      3. James Blake

        It will also be interesting to see activity analytics for unregistered users preceding registration – find out what the “tipping point” is in terms of registration-gated functions that convert them to active users.  Also, very interesting point about vote fraud – very important in terms of creating a sense of objectivity among all users, registered and not.

  2. Guest

    Timely post ….Last time I tried to use the I got a FB login prompt. I use FB somewhat but {update: add ‘on’ and delete ‘I’} on principle (albeit my own weird one maybe) I don’t use FB for logins. In this case, it really stinks because I love music & probably get jazzed enough about the service to be a cheerleader for it. Maybe I will submit an email address in this case but even then it does not seem to gurantee I will get access.  Oh well.Nice post today Mr. Wilson

    1. arbrackin

      It’s not just Facebook you have to have a mutual friend using Turntable, because it’s not open yet.

      1. Guest

        Aye, there are a few in my circle using it .. from what I see on Twitter anyway.

    2. fredwilson

      i refused for over a week to use for that reasoni gave up my protest this morning and spun some music in the hip hop roomit was a lot of fun!/fredw…i really really wish they’d let me sign in with my own credentials, or at least with twitter

      1. Aaron Klein

        We’ve been struggling with this for a bit because we can get so much great data to personalize the experience for our users with Facebook Connect.But as a matter of principle, we just won’t force our users into a closed system like FB to use our app. If you create your account with your email address, we’re going to ask a few extra questions like zip code and birth year.I really wish Twitter delivered anywhere close to the same level of personalization data with their login system.

    3. Laurent Boncenne

      it’s like they’re killing the early-adopter ability to toy around with anything they come across! pretty darn annoying…

  3. William Mougayar

    This is a strategic analysis you have provided here, although it has a simple message. This is at the heart of user adoption, ramp-up and scalability. The more friction-free the experience, the more adoption you will get. We (my company) has struggled with this dilemma, but have since then opened-up a lot more than before. For e.g., now you can even start to personalize your news page without logging in, and we’ll remember your preferences for 24 hrs when you return.Just as with the transition from freemium to paid services, logged-in should “enhance” the experience and value one gets from the app. And the logged-out state should still have enough compelling value to bring them back. The cookie approach is a bit similar to the re-targeting codes that are being sprinkled around, where you visit a site and they know it, so they serve you a related Ad on the next site you go to. It’s smart, but scary at the same time. I wonder what your views are on this.

  4. slmader

    Do you think it’s necessary for social services to disclose that they are “phantom registering” logged out users? the obvious issue is privacy, but the more interesting one, in my opinion, is the potential opportunity to use that disclosure to help logged out users see why they might want to create an account.

    1. Guest

      That is VERY intriguing. I admit I am very pro disclosure/privacy. {Update: Holy jeebus, I learn so much tech stuff reading this dang blog.}

      1. Donna Brewington White

        It is amazing how much I’ve learned here!  Thats why I call it AVC U.

    2. fredwilson

      i tend toward disclosure myself and would advise services to figure out how to do that in a manner that is consistent with their user experience

    3. Dale Allyn

      Stewart, I agree with your point and was thinking along the same line. To me, users are to be protected and nurtured, rather than viewed as “exploitable assets” as seems to be the case with some social platforms or apps. Disclosure and respect are the best path, with a design, as you say, to show why users *should* register – with additional benefits with logging in. We should provide value rather than control and exploit (even if some do profit from contrary methods ;). 

    4. Alex Murphy

      This is in almost every single privacy policy.  Just look for cookies.

  5. Joe Lazarus

    What do you think is the best way to handle the lightweight engagement action for phantom visitors? For example, if a logged out visitor can fav an Etsy item, heart a Tumblr post, or star a Twitter post, would you make that action visible to other people through, say, a counter for the item (ex. “this post has been starred by JoeLaz and 3 anonymous people) or would you only make those engagement actions public if the phantom registers?

    1. fredwilson

      i like that idea Joe

  6. csedev

    One strategy that we implemented to convert our anonymous users into registered members, was to offer all the services of our website for free, but only in small doses, until the user registered.To give you an example.  Anonymous users would visitor our website, where they would be able to view photographs from all the events the night before.  However, after viewing 20 photos, the website would then prompt them to register an account to continue viewing.  We went from a user base of 4,500 to 17,000 within the first week, which assisted with finding advertisers and increasing our profitability.

    1. fredwilson

      i don’t like the idea of getting in the way of users engaging with the service by putting up walls. the services we’ve been involved with that have scaled the most have been friction lesshowever, i do agree that creating incentives to register and log in is smart

      1. Keith Smith

        Agreed.  Carrot is always better than Stick in these situations.  At BigDoor we encourage our partners on our platform to utilize our “you-just-got-some-sugar” approach.  When a non-logged in user does something valuable (comment, vote, Like, return 3x in a week, etc.) they get a message along the lines of; “You just earned 50 coins that you can use to get rewards.  Login to keep your coins.” This shifts the request for login/registration from a negative to a positive.  We’ve seen this result in as much as a 2x increase in registrations over simply creating content obstacles as login incentives.

  7. Abenego

    I think a service like what you are describing may actually hurt web based services from gaining and growing engaged user based.I wonder if allowing this phantom idea will actually encourage already “lightly engaged” registered user to stay on that gray area. I do agree that these unregistered are valuable butI think this should be done with care to help solve and not create a new problem.btw (Disqus is not displaying the comment form on chrome)I also think the basis of this argument is a bit off.Etsy, Tumblr and Twitter are publishing platforms (Etsy being a publisher of hand made arts and crafts) But anyways, Its to their advantage to have their information accessible to unregister users whereas facebook is less of publishing and more of personal, friend to friend sharing, (except for pages) so again, it makes sense there for this particular scenario. 

    1. fredwilson

      i had that issue with disqus on chrome too. but i reloaded the page and it loaded. clearly something is not entirely right with disqus this morning

      1. Vasudev Ram

        Or something is not entirely right with chrome this morning 🙂 Could be a chrome issue.”A person is innocent until proven guilty”Just saying.

        1. Vasudev Ram

          May be disqus issue though. The browser tab where I have it open, shows a spinner endlessly.

    2. Daniël W. Crompton (webhat)

      I don’t entirely agree that it’s only publishing platforms, as mentioned above Amazon is an example of a platform which learns about you as you go using a cookie (ip/browser/computer specific). Google uses this this same method, and it’s reach is far broader making it possible for this to be essential for their business model: advertising. They add more functionality/services when you register.An example of beyond phantom is Seesmic, which allow you to use your Twitter account to try out the service and requires you to create an account to use the service.The start up I’m currently working with is creating an anonymous banking service, for which the only advantage to giving up your data is to be able to recover or suspend your account when you lose your bankcard.

  8. Irving Fain

    When you do get to a point where you’re asking a user to register do you favor native / organic registration processes or registration via Facebook, Twitter, etc? To your point about phantom registration, when you use these other services to authenticate a user, there becomes a question around who owns what data…with native registration this is never an issue.Nice post!

    1. fredwilson

      i like the idea of FB and Twitter as a first step, maybe beyond phantom, but before full blown registration. but i very much want to see the services develop direct relationships (ie registrations) with their users.

      1. Matt A. Myers

        Do you think this creates a sense of connectedness or ownership with a service?

    2. Alex Murphy

      When the user agrees to your privacy policy and interacts on your site, you own the data.  

  9. awaldstein

    Great post. I’m reading this as a network rather than a traffic perspective of value. This is giving me some new language to think about market adoption.Transactional funnels are as old as time. We’ve been building them since we could track a click or even when we could take a biz card at a trade show. You’re implying an engagement funnel with the logged out network as the fattest part of it. By focusing on engagement rather than transaction it extends the funnel and creates a longer tail of interest to target and build services for.Thanks for this.

    1. fredwilson

      that’s exactly right”an engagement funnel with the logged out network as the fattest part of it”you said it way better than i did arnold

      1. awaldstein

        Starting to see little tools like onetruefan pop up. Basically they are a check-in for the unengaged, saying “I’m here” and encourages their friends to come out of the anonymous closet with them. There may be something there as a step towards engagement.

        1. howardlindzon


      2. Michael Weiksner

        How does the engagement funnel look for zynga? I suspect that there are almost *no* logged out users.  The game is inherently social and inherently engaging.  In such cases, the flow is: receive invite, install immediately (because of the trust of the friend recommendation), and engage immediately. Rockmelt is similar, because social browsing is pointless if you don’t have any friends doing it with you.The patterns of persuasion in online social networks differ dramatically from the traditional online patterns:….

        1. fredwilson

          Facebook is zynga’s engagement funnel

  10. David Semeria

    The flipside of this is managing logged-in users when they can access your service via multiple routes (FB, twitter, google sign-in, etc).It’s easy for them to forget which service they signed-up with and so they can easily end up creating multiple accounts.I remember one particularly amusing email rant from a user who claimed he couldn’t unsubscribe from email updates. When I checked, he had 5 five different accounts, each one created via a separate authentication method.This is a widespread problem.Someone should fix it – and make a dime in the process.

    1. TrevorAustin

      Isn’t this fixed by just making e-mail address the primary key in your users table?

      1. Aaron Klein

        Never a good idea. People change their e-mail address all the time. Always use a user ID of some sort and link email with it.But you could certainly use email as a way to find duplicates at account creation and say “hey isn’t this you?”

        1. Vasudev Ram

          >Never a good idea.I agree. Intuitively, I’ve never felt comfortable with that approach, though it’s a common practice in web apps – using the email id as 1) the primary key or even as 2) the login id for the app [ and 1) and 2) are not necessarily the same ].In a startup I worked with a while back, there was talk of doing that – using email id as the primary key and also as the login id  for the app (I think it was mainly because “all the successful sites like GOOG / FB use it” – not a good enough reason if there are downsides to it); I argued against it, but could not at the time, formulate / articulate my reasons well enough, maybe, though my gut feel and some logic was against it (*).Google does it (email id as primary key) too, and also uses single-sign on for their different services; i.e. your Gmail id is also your AdSense id and your Analytics id and so on. Never liked it. More of a security risk. Of late I’ve seen that they are now requiring you, in some cases, to sign into the next Google service you want to access, even if you are already signed into another one earlier in the same browsing session, which is a bit of an improvement.(*) IIRC, there is even a database design rule of thumb (related to normalization) – can’t remember the name right now,  if it has one – that the primary key should not carry any real-life meaning related to the business domain of the app – one reason being that such meaning can change, which would require updating the entire table for all the changed primary keys, plus cascading changes to child tables, join tables and so on – which is exactly the generalized version of your example that email ids do change. (In other words, best way is to make it a synthetic – made-up – key). But the rule is mostly broken.

          1. Aaron Klein

            Right now, I love using email for sign-on. It’s so much easier than having to remember what user name I chose for a given service (I try to keep it simple but often my primary choice isn’t available).However, the words “primary key” are a database function meaning that’s actually the key spread across every table that your data is keyed to. And that makes it unchangeable. Very bad design decision, imho.Twitter does this INCREDIBLY well. That’s why, for example, @SpeakerPelosi can easily become @NancyPelosi when an election changes things. (And they let you sign on via username OR e-mail…another reason why I love Twitter’s architecture.)

          2. David Semeria

            I agree Aaron, twitter’s model is great.

          3. Vasudev Ram

            >It’s so much easier than having to remember what user name I chose for a given service (I try to keep it simple but often my primary choice isn’t available). Yes, the primary / obvious choice (often some variant of the user’s name) is often not available, and I do agree that there are some benefits to the email-id-as-primary-key approach (that’s why I said “some logic was against it”, not “all logic”), but overall, I feel it is not a good idea. Ease of use is not the only important criterion, though it is a big one. It has to be weighed against other criteria. “Balance is all”. Software design is often a trade-off.>And that makes it unchangeable. Very bad design decision, imho.Right, that’s roughly what I said in my first comment, though in different words. Not exactly unchangeable, though, it can be changed, but at great cost, due to the updates (across the parent and many child tables) that would be required  – not to mention, what if your web app links to other apps in any way (answer: even more issues), one such way is also becoming a trend nowadays – another one I’m not in favor of – e.g. using your Twitter / Facebook id to login to other services like Quora, etc. Even more of a security risk: “Oh, your Twitter / Facebook account was compromised? Have fun, that means it is now compromised on X, Y and Z sites too” …> let you sign on via username OR e-mailI prefer that too, it at least mitigates some of the issues. FriendFeed and some other sites let you do that too.

      2. David Semeria

        Well, last time I checked it was impossible to get an email address from the twitter api. Also, asking for access to a user’s email address (FB, Google, OpenID, etc) can create friction as people are wary of spam.Finally, there’s no guarantee that people signed-up for each authentication service using the same email address. So you can’t rely on an email address field (even if you did manage to fill it for each a/c) to correctly map different accounts to the same user in all cases.It’s a tricky one…

        1. Matt A. Myers

          People being wary of spam is why it’s cool to allow engagement prior to registration to build trust and show value to the consumer – then they’ll want to give you their email, phone number, first born, etc..Your last point, I am sure there are people working on this – but only a few companies will actually generally benefit. When I get my first round of funding I’ll be closer to creating a solution for people – more of an aside than my main projects .. I have too many ideas and solutions I’ve come up with as I’ve been problem solving certain systems. 🙂

          1. David Semeria

            Excellent first point Matthew.

          2. Matt A. Myers


          3. Donna Brewington White


          4. Alex Murphy

            Although this seems logical, most people are not concerned about spam.  They expect their email tool (gmail, hotmail, outlook, etc) to get rid of it.  People are very loose with their emails.  

          5. Matt A. Myers

            When I speak of spam I am also speaking of that that is irrelevant to the user. E-mail is most people’s catch-all account. Context plays a role in this as well. An important email might be spammy — less relevant or perhaps completely irrelevant in certain contexts.

          6. Donna Brewington White

            I dittoed  @hymanroth:disqus   on your first point, but wanted to add that beyond our spam-phobia, I think that other factors are at work as well.  For instance, some of us who spend an enormous amount of time online and are constantly providing information are becoming more discriminating about where we place that info.  More and more, I find myself logging in through Twitter or even Facebook to keep from having to provide my information to yet one more site especially while I am still in the “exploration stage” with that service. There’s more — such as increased demands for a more level playing field with companies/providers because of the empowerment we’ve experienced through social media. We are no longer satisfied to disclose our information to “that little man behind the curtain.”  We want to know who we are dealing with.Which all plays back to what you said.

        2. Vasudev Ram

          Right, not an easy one, and that issue exists even if email id is not the primary key …

  11. Daniel Schutzsmith

    Excellent observations and one that I think especially web designers often overlook or in fact just don’t care about.

  12. Jan Cifra

    Fred, I am curious about your segmentation of the users, the 1/10/100 rule. How do you  differentiate between those that create and engage? Obviously on this blog you are the creator. I am a part of the engaged group and there are some that just consume. But I was always under the impression that engagement is technically content creation because with out the comments your blog would be less valuable to me. With some services the line is blurred for me.Could you also comment on the percentages and what would you suggest focusing on? I believe a service should primarily focus on growing the engaged part as that will bring more consumers as a lagging indicator. I also think that in terms of services the engaged group is not the one you can make money on – you actually make money on the consumers. The cost of serving the engaged group is usually much higher (here on this blog it is the time you spend yourself on discussions) and as you point out – they are the actual mass that has the potential to be monetized.Thoughts?

    1. fredwilson

      liking, commenting, favoriting, reblogging, retweeting, etc is engagingthe whole point of this post is to focus more on the less engaged user. i think everyone tends to focus on the engaged user and that makes sense in the early days of your service but at some point you need to start focusing on the largest group and that is likely to be the less engaged group

  13. jarid

    Probably not-so-coincidentally, seems analogous with your views on the freemium business model. In this case, the “free” is the unlogged in state, and the “premium” is the requirement of the user to “pay” by creating an account/logging in.

    1. fredwilson

      want to name this one too Jarid?that worked out pretty well last time

      1. jarid

        Ha, worked out well for Chris Anderson at least. 🙂 I think I’ll retire from the naming game batting 1000.With regards to the core issue here, it can’t be overstated how large a hurdle site registration is from a usability perspective. I’ve seen ecommerce sites increase conversion rates >50% once they remove the requirement to login and offer users a chance to checkout “anonymously”.

        1. awaldstein

          Jarid>50%. Interested in any data you can share. This applies directly to a chunk of my client base and love to dig into this.

          1. jarid

            Hi Arnold,This is going back a few years, so unfortunately, I don’t have any specific case studies, but you can tell your clients that there’s a reason anonymous checkouts are an industry standard best practice nowadays. Amazon is the only example I can think of that has been able to resist the trend. But, when you’re Amazon, you’ve got a lot of other incentives to make it worthwhile for users to register (i.e. selection, price, reputation, Amazon Prime, recommendations, etc.).

          2. awaldstein

            Understood.e-commerce is business by numbers mostly so always looking for more data.

          3. ShanaC

            well, how do you design to push registration on checkout?

          4. jarid

            You make it seamless during anonymous checkout (e.g. optional username/password boxes) and you tout the benefits (e.g. order tracking, email preferences, etc.).It’s all about reducing friction.—– Reply message —–

          5. ShanaC

            Yes, but as a customer, most of the time I don’t care about this stuff. Hasanyone experimented with discounts and loyalty clubs with ecommerce? (youseem like the type of person to know)

          6. jarid

            Sure, there are lots of them, frequently based around shipping offers and/or private label credit cards. Amazon has Prime. Zappos has a VIP program. GSI spunoff a company called ShopRunner that is offering cross-site membership benefits. Road Runner Sports, Finish Line, Nine West, and Jones New York also come to mind. Not sure exactly what you’re looking for, but feel free to ping me directly if you have any specific questions.

        2. David Semeria

          Just one more!A few days ago Fred and I tried to think of a name for a service which was free for public bodies and not free for private ones.One of us said “Give and Take” and the other said “Probonium”What do you reckon Jarid? Or can you think of a *better* one?

          1. jarid

            Hmm, part of the reason the freemium name took off is because the model was already so pervasive, especially in the web 2.0 startup world.Is that really the case with this public/private tiered model? I can’t think of many off the top of my head.That being said, I’ll give it my best shot. Probonium sounds like something from the periodic table. What you’re describing sounds more like a “sector bifrication” to me. That’s not very catchy, though. Maybe theres a play on the word “utility”? or “subsidy”? Pubsidy? Also has the “city” sound in it. But it’s a stretch. Maybe focus on the civic or service side? Since it’s free for municipalities, but paid for everyone else, maybe “Munipay”.Sorry, that’s the best I got. Probably should’ve stayed retired. 🙂

          2. Alex Murphy

            “Probonium sounds like something from the periodic table”LOL

          3. David Semeria

            Great stuff, Jarid. Thanks!

        3. fredwilson

          that’s a very interesting stat jarid

      2. JimHirshfield

        These users are in a “pregistration” state.

      3. Guest

         I work for a media company that operates a pay-wall, we use a three-tiered classification for users:1- Anonymous (can view a limited amount of articles, but provide zero info)2- Registered (can view a less limited amount of articles, but have to provide more personal info)3- Subscribers (can view whatever, but need to pay a subscription fee)

  14. reece

    i know i’d be cool with a phantom account making my UX better when i sign up, but a lot of people would probably freak out about an app collecting data on them.  

  15. John K

    I don’t think I would call a user whose browser sends a cookie to a website “logged-out” at all. If a cookie is sent, I think the user is logged-in even if the site doesn’t say so, and the user should act as if they are logged in and get the same services as if they are logged-in. 

    1. Dale Allyn

      Depending on the purpose served by the site, this can be tricky. One may have contact lists, favorite lists, shopping wish lists, etc. which the account owner would prefer that her roommate, family member or co-worker couldn’t see by simply clicking a link while she was away from the computer. Of course, account settings must not be available unless logged in as well. Being able to add an item to one’s “collection” such as favorites or wishlist is a type item which some may like to without going to the trouble of logging in, but it comes with some weaknesses.

  16. Jhonatan Sanchez

    Indeed! We just tackled this at, a social platform for crowd-sourcing private sales. We created a portal to showcase current offers to logged-out/unregistered users while also making the content available to search engines. We still kept crucial information private to maintain the exclusivity of the deals. The big picture is make yourself discoverable, so releasing non-specific content on the deals allows us to be found through Google and such. However, the challenge lies on respecting logged-in users’ privileges and the anonymity of the content owners.    

  17. Robert Thuston

    Friend 1: are you on twitter?Me: yes, I absolutely love twitter!Friend 2: But I follow you on twitter, and you never do anything?Me: yes, I consume, I’m an “infovore” {then I go on to tell them about all the great people I follow that share rich info}Good post.

  18. Kirill Zubovsky

    Good point! Never thought of it this way, but now I shall. Thanks!

  19. cmutty

    I like the concept but where do you draw the line between tracking non-registered viewers and creating these accounts as a useful service. Unfortunately, I think you’ll find most people in the do not track camp.

  20. Jon Kragh

    Good post…I did a session at Google I/O 2009 and at a about 34:45 I go into personalization strategies for anonymous users using their browsing habits and geolocation:…My page views went up ~33% for me once I implemented the techniques described.Cheers,Jon

  21. scottpatten

    Songkick ( nails this for first time users.You can go to the site and start tracking favorite bands without providing any sign up info. Only after you have tracked a reasonably large number of bands and you’re invested in your list does it ask you to sign up.(I’m not affiliated with them, I was just impressed by the workflow)

    1. Ro Gupta

      Yup. I like how they did it too. Remember thinking how I appreciated them wining and dining me a bit before going in for the lunge :)If I recall correctly, Hunch also did a pretty good job of this in one of their original UIs, cc @shaival:twitter  @cdixon:twitter  

      1. scottpatten

        Hmm. It turns out they’ve changed this, and now require you to log in via Facebook when you try to track bands.Too bad, I liked it better the other way.

  22. Andrew

    I feel like this advice can be applied to other areas. Most radio listeners, for example, are ‘logged out’ by default. They can consume content but not interact with it. For that, they need to call-in, email, or otherwise engage online. But they should not be ignored.

  23. daryn

    There’s a few key points here: 1. decide which interactions really require a registered account, 2. track non-logged in visitors so they have an identity in their session and beyond, and 3. convert that tracked information into their real account if they ultimately register, so they don’t have to start over from scratch. Disqus does a good job with the migration of non-registered to registered account. They look for other comments you’ve left in the past using the same email address (as far as I know, it’s possible it’s some other fingerprint), and when you finally create a Disqus account, or if a blog you’ve left comments on migrates to Disqus, they give you the opportunity to ‘claim’ those comments. An interesting question is what happens to trolls when they realize that all their activity is being tracked to a single identity, whether claimed or not. Does it change their behavior? It is one of the reasons I like authenticated anonymity like on, where the site owner knows who you are, but it is never revealed publicly. It might not work for the privacy-obsessed, but I think it can be a valuable technique.  p.s. thanks for the shout-out, I hope everyone likes music, food, and pictures of my daughter 🙂

    1. awaldstein

      Daryn, wasn’t aware of the Disqus ‘claiming’ factor. So…I sprinkle comments around the web and when the the blog goes Disqus, those breadcrumbs connect? Very cool and news to me.

    2. Dave W Baldwin

      Nothing better than to see a child’s face light up in wonderment.

    3. Dave W Baldwin

      Seeing your cold brew coffee reminded me of my son’s idea for a beer:    SHIIIIIIIIII  BEER(only thing missins’ the T)

    4. ShanaC

      yes, and how do you cold brew coffee?and what is your favorite method of hot brewing?

      1. daryn

        The comments here have taken an interesting twist :)The easiest way to cold brew coffee is to soak coarse grounds in coldwater for 12+ hours (in the fridge), then strain using a french pressor a paper filter. The resulting coffee will be strong, pour over iceand optionally add water/cream/sugar. Perfect iced coffee.For hot coffee, I usually just french press at home, but I enjoycoffee any way I can get it!

        1. ShanaC

          Thanks (I just tried my first iced coffee from the mud truck – it was ok, it wasn’t coffee enough for me, and the ice kind of ehhed the flavor profile)

        2. fredwilson

          i’m going to give that a try for iced coffee daryn

  24. paramendra

    I like that 100/10/1 rule thing. As in, good observation. 

  25. Rohit Mishra

    The other day I was using Raptr – which is a network for sharing updates and stories about your favorite games. The service encourages you to interact and creates a profile for you as soon as you interact. It is up to the user to edit the profile and choose his username etc I liked their approach, though  I thought they should have given more emphasis on letting the user know that they have created a profile for them, 

  26. Dave W Baldwin

    This is one of your best posts Fred!There are ways around the in/out issue… and it makes sense sometimes to be patient going long with dev.Thanks again.

  27. The padrino

    I always leave my self logged in 

  28. Michael

    This feels like the difference between broadcast and communications networks. Twitter and Tublr are broadcast and Facebook is communication.

  29. ash bhoopathy

    This is an orthogonal question, but I was captivated by one small point — Do you think the 100/10/1 “rule of thumb” is actually a law, or do you think a strong theory that can’t be changed?   Are there any sites that you know of that flout this conventional thinking?

    1. Alex Murphy

      its like the 80/20 rulerules are made to be broken though.

  30. Charlie Crystle

    Most apps have a bit of schizo-profiling–evangelist users, basic users, the rest of the world.Bloggers, readers who comment, readers. Tweeters, Tweeter followers who comment, readers. etc.My question is this: is the best stuff coming from the top of the social chain? I’d guess no. 

    1. fredwilson

      not always. but the most engaged users do set the tone of the service

  31. ShanaC

    Maybe I’ve been studying this stuff for way to long (I like analytics, beats me why) but I get the feeling that when looking at the numbers for these sorts of things (logged in vs non logged in) we’re not experiencing enough buildout about design decisions that make being not logged in a joy, and being logged in a passion.  There doesn’t seem to be enough incentive to push people through a process of signing in after hooking them on a product (with rare examples abound) because of the questions surrounding data and data usage.  The more data, obviously, the better product experience, but how much data can you pre-collect without seeming creepy on login? And how do you avoid creepiness with no login, especially because you could tailor websites around cookie value?  How do you force people up the value chain in all of this through data manipulation without pushing their buttons too much.I do think the liminal stage and how people interact with the limnial stage of being close to the 10% who engage regularly (through occasional uses) probably provide some critical clues on how to force people up the chain.Etsy is a really good example here.  I may buy from etsy like 1x per year, but I look regularly. What can etsy do to make me want to buy more?

    1. Alex Murphy

      probably send more email.

      1. ShanaC

        Maybe, but email can lead to inbox bankruptcy.  So I think we need to start looking towards better decisions.

    2. fredwilson

      show you more interesting stuff when you show up



    1. fredwilson

      yup. a cookied user isn’t a verified user. but i still think there is a lot of value in phantom registration if you are careful with it



  33. sigmaalgebra

    Nice thread.The Web pages I’m writing now are for the first time users or, generally, users not logged in, but the thoughts in this thread are ones I need to consider soon for the pages for registration and for logged on users.My DB schema has columns for data on ‘user profiles’ and ‘usage history’, but I will rethink such data for ‘registered’ users.Partly I will borrow from login/registration UI/UX of famous sites, what ASP.NET provides, etc., but the thinking here is good.This thread is another example of why this blog is so good for people actually pursuing business and one of the best sources of information on business on the Internet.

  34. Donna Brewington White

    Really appreciate this post, Fred.By the way, I think that what you are describing here plays into marketing to some extent.@awaldstein:disqus ?

    1. awaldstein

      Absolutely Donna. See my comments at the top of the thread. Engagement funnel is the fattest (and highly potent) and pays back the most if you can tap into it.The network itself is our sales pipeline. 

  35. Required Login

     “I can tell you that a huge number of regular users of these and other services don’t log in because they can get a lot of value without logging in.”I don’t know about huge numbers, but I don’t log in because I don’t want to be tracked. Do what you like, but please respect my do not track headers. If I see something personalized for me, I will not be back.

    1. fredwilson

      absolutelypeople who do not want to be tracked should have those wishes respected

      1. Dave W Baldwin

        Something philosophical/hypothetical… somewhere we need to categorize (understandably) the ‘info’ making up the data we’re talking about.The average joe thinks data goes at getting robbed or data that is too detailed.Data that is more vanilla can be very useful backward/forward and back (CBC) without getting into stuff that poses risks.This could truly help in the PR side of things… as I had to tell the AGI bunch anticipating the problems with folks assuming in a blink the machine would do to us… blah, blah.

  36. Adam Fields

    This was a huge component of the cms/e-commerce systems we were building in the late 90s. It brings to mind this post from my archives:

  37. guest

    Wow, thanks again for the privacy, hi-tech guys and gals. Scrolling down quite a way to see if there are any contrary comments, frankly it’s truly scary to observe how much time all of you take to discuss the hows of invading everyone’s lives, rather than questioning the morality of it all. Not one of you appear to consider the future ramifications of your thoughts and actions now.

    1. fredwilson

      here’s my moralitygive easy opt out for those who want the privacyand for those who want to be profiled and get the value out of it like me,deliver it

    2. Alex Murphy

      This is not a privacy issue.  This is monitoring behavior on a proprietary website.  The point that Fred made was right there in the title, “don’t forget your logged out users.”  And more importantly, that this group of visitors represents the vast majority of your users.By creating a phantom registration for an anonymous user, a website publisher can offer a lot of value based upon the data that is collected.  This adds value for the user and adds value for the publisher.  This is the trade off of using just about any site on the web.  In my opinion, this is akin to being on camera when you go to the Mall or into a store.  This isn’t a morality issue, it is an issue of how to effectively run web businesses.

  38. Ciaran

    “I think that social services that are public by default and have huge logged out user bases, should “phantom register” their logged out users by storing activity against their cookies and building user profiles on their logged out users.”I kind of agree, but can imagine there would be privacy campaigners licking their lips at the thought of actions such as these.

  39. sudkish

    Great post, Fred! I was surprised that there is not one mention of mobile users in the comments. At eBay we are able to link logged out and logged in user activity with great accuracy. We go to the extent of ‘best guess’ for a logged out user. This worked fine when most users accessed the website on their desktops. At that time, there were discussions that users used different browsers but in most cases the users stuck to a primary browsers.Post 2007, with the arrival of the ‘true’ smart phones with full-featured browsers, the probability  of a user actively using multiple browsers increased. It increased many fold with the increase in apps for these smart phones. Each app either opens a web page in the default browser or within the app. The default browser and a browser within an app do not share the same cookie space. When users shared an item on eBay, it could be viewed on the desktop browser, mobile browser or within a Twitter or Facebook client on mobile phones and tablets. Linking user activity on multiple browsers will not be feasible with cookies. We need a new way to identify and link users browsing on multiple devices and apps. Also, with social sharing, the percentage of passive users and passive browsing increases. A user that viewed an item shared by a friend on Twitter may not be interested in that item or that category of items. This would in turn increase the bounce rate for the website. The product owner has to factor in bounces due to social media to measure the product performance. In summary, traditional web analytics is changing with increase in social sharing and smart phone usage.On a side note, your blog is one of the finest when viewed on a desktop browser and a mobile phone. The user does not have to adjust the zoom when viewing on a mobile phone and there is no redirect to a mobile version of the blog. Yet the blog’s theme is maintained on all devices. I hope more bloggers embrace this approach.

  40. Eunice Apia

    I’ve been both a loggin user as well as a logged out user on almost every American social media site. Both have their advantage. Logged In User allows you to be fully engaged and in the middle of the action. Logged Out user allows you to live a life outside of the internet. Once there’s a balance, both worlds are great.It goes back to my agrument of whether you should have an account on every social media site created. Is it necassary? My Friend is convinced that one can’t survive in business without a Facebook. I tend to disagree.I can’t even keep track of all my passwords, so I find myself recycling passwords and wondering if that’s a good idea.