Thank you for the feedback! All the details are written in Terms and Conditions, but we have to face the fact that not each person takes their time to read them, so it might make sense to unite username and email in the registration form at the web-site.
Lol. You busted me. I read the instructions that told me to read the terms and conditions and approve of them before registering-- in reality, I opened them, then hit approve, as I imagine 95% of ppl do. After being subjected to these formal legal expositions, especially to the effect of what is Apple's up to? 65+ pages? Really... it's a given that no one is going to take the time to read all of that legal jargon... Indemnification clauses, this and that-- realizing that even if we did read every last word, very few of us would understand every last implication? and if it came to the point of legal contention, lawyers are surely going to find a way to screw me if need be, lol. Reading the listless potential ways that they could go about this screwing is of little concern.
I suppose most of us feel we can presume and infer what said terms and conditions will suggest...
- they provide a voluntary service that is subject to termination at their discretion
- the terms and conditions are subject to change at any point, without notice (I've always wondered in that? what's the point of defining concrete terms, if they can just be arbitrarily redefined? That's like the equivalent of saying: "This statement is true... unless I decide that it's not. In that case, the former statement will no longer be true." Whaaaat? Lol...)
- if something screws up we cannot be held liable for any damages incurred
- we cannot be held liable for any damages you cause to third parties while using our service
- any personal information you supply to us is ours
- you are responsible for using the service in the intended manner, and any misuse or abuse of the service is all you, and we have the right to pursue legal action against you at our discretion
- if you try and screw us in any way, we will screw you 10x harder, and we'll make sure you become some fellow's "male girlfriend" and that he hits a home run after making you stop at all the bases on your way there.
Lol. I should have pursued a career in law. I winged that a bit, but that's what most of them say in some similar display of eloquent rhetoric, as I've seen.
In summary, I think you were very generous in your exclusionary phrasing: "not each person". I'll be a bit more poignant and play the cynic if I must, and restate that as "on average, only about 1 in every 100,000 people instructed to do so will read any portion of the terms and conditions/EULA, whatsoever".
Myself included? it has become a conditioned subconscious dismissal to most every one of us.
So, yes; I trust that the most likely result will be that no matter what the label *asks* for, be it username or email; there will inherently be a substantial percentage of users who will repeatedly attempt to login using the opposite credential of the one that is asked for... until they lock themselves out of the account, lol. Thus, if we employ Ockham's razor, the simplest, most forgiving and practical implementation on the server-side auth would be to accept either/or and be done with it.
Though, in my defense that my greatest crime was not reading the entirety of the terms and conditions... NOT being a total idiot, since the label did explicitly ask for the username (which exists separate from the email), but rejected the username-- only authenticating when the email was entered instead.
Not implying the site was a complete failure, lol... but more precisely, implying that *I* am not a complete failure...
Just a partial one. Not quite a MASSIVE FAIL, but more so a MINIATURE FAIL.