Create accounts
Help users create an account for your service.
New WCAG 2.2 criteria affect this pattern
To help users to ‘Create accounts’ and meet the new Web Content Accessibility Guidelines (WCAG) 2.2 criteria, make sure that users can successfully:
- reuse information they've already entered
- avoid doing a cognitive test, such as a CAPTCHA, to create an account
See the full list of components and patterns affected by WCAG 2.2.
When to use this pattern
Provide user accounts if your users will need to regularly access or update their data in your service.
When not to use this pattern
Do not create user accounts if you can provide a usable service without them.
This is because user accounts are:
- a barrier for many users and make it more likely they will drop out
- difficult to build and maintain
If you want to let users check the status of a one-off transaction, give them a unique reference number they can use along with their name or email address.
Unique references are hard to remember so you should send them in an email or text message to the user.
How it works
If a user needs an account as part of your service:
- let them use as much of your service as possible before they need to create an account
- use clear and consistent language
- create a simple user journey
- make the sign-up process clear
Use clear and consistent language
For consistency with other GOV.UK services, use the phrase ‘Create an account’ instead of ‘Register’, ‘Sign up’ or something else.
Use labels like ‘Create a username’ and ‘Create a password’ rather than ‘Username’ and ‘Password’. This helps users to understand that they’re not being asked to enter an existing username or password.
Create a simple user journey
Make it clear what you need users to do when they create an account.
Show a clear difference between creating an account and signing in. Presenting the options side by side is not enough because users might miss one of them or not understand the difference.
Make sure users do not need to enter the same information more than once when creating an account, unless the information is no longer valid or it’s necessary for security reasons. Use the HTML autocomplete attribute to allow password managers and user agents to automatically populate fields. This is to comply with WCAG 2.2 success criterion 3.3.7 Redundant entry.
Make the sign-up process clear
If a user fails to create an account they might not be able to use your service at all.
Make sure the account creation screen is solely about that task. Do not add any distracting content or links.
Avoid using security measures such as CAPTCHAs
CAPTCHAs and similar tests require users to recognise words or pictures.
These are tests of cognitive function, which might be difficult for some users. Users can also struggle to recognise specific words or pictures due to differences in culture and locale.
Avoid making users do a cognitive test to use your service. If you do, you must also offer an alternative method. This is to comply with WCAG 2.2 success criterion 3.3.8 Accessible authentication (minimum).
See more about using CAPTCHAs and why they’re problematic in the Service Manual. WCAG lists some other security measures you can implement to prevent misuse and automated abuse in your service.
Never use National Insurance numbers to verify a user’s identity
If you currently use National Insurance numbers to verify identity, find out how to protect your service against fraud.
Help improve this pattern
To help make sure that this page is useful, relevant and up to date, you can:
- take part in the ‘Create accounts’ discussion on GitHub and share your research
- propose a change – read more about how to propose changes in GitHub
Tell us if your service uses this pattern
Take part in our usage survey (opens in a new tab) to help us improve this pattern to better meet the needs of the services that use it.
Need help?
If you’ve got a question about the GOV.UK Design System, contact the team.