Update: Branch did clarify that you can sign up / invite via email. This is good. They were also really good about reaching out and listening to feedback. I still think it's a neat idea, I encourage you check it out.
I recently got an invite to the closed beta of Branch - a site that's geared toward having quick, limited and semi-private threads of discussion on a given question or topic. I'm not usually a social network early adopter, but this piqued my interest (kind of like a low-key Quora, or a very simple forum site).
Of course, like so many sites these days, Branch relies on your to link your Twitter account for authentication and asks uses Twitter to invite your followers to the discussion or broadcast news of your latest activity.
I thought I might start a discussion on web development trends with a few Twitter buddies, so I included them on the invite list. So Branch sent them all a DM that looks like this:
And upon clicking that link they were brought to the Branch thread with this screen:
So of course, as naturally internet-savvy people, my friends responded to my message by:
- Informing me that my Twitter account had been hacked, and that I should change my password immediately.
- Informing me that they were not comfortable providing Twitter access to this site.
Suffice to say, it was not my intention to spook the hell out of my friends. And honestly, had they done the same to me, I would have definitely reacted in the same way. I normally pass over any site that asks for potentially invasive permissions of Twitter or Facebook. To receive a somewhat cryptic DM via Twitter, then be immediately asked to verify your credentials feels like a scam.
The current experience on Branch is sending users down a UX chute of uncertainty, asking for too much while giving very little information about what they're about to do. Here's what I would suggest:
Provide More Context in Twitter
The text of the Twitter DM needs to feel less spammy. It should identify itself as coming from Branch. It should mention in plain English what the intent of the message is. Something very straightforward like:
It's hard to cold-DM anyone a shortened link and not have it look like spam or a compromised account, but there are certainly improvements to be made here. They should also leave out the mentions of other users. Feels less like a data mining operation.
Lose the modal pop-up
Why would I ever provide you with my credentials before even being able to see the site to know if I'm interested? Don't pop-up some box asking for the keys to the kingdom as soon as the invitee lands on the page. Let them actually read the damn thing first. Prompt them to login or sign up after they've written (or have started writing) a response. By then they've probably verified that this is a legit site and that I'm generally interested in having them contribute.
Provide a one-time use token for invites
Asking for access to someone's Twitter account before they have an opportunity to use your product is just greedy. Let them experience the site before asking them to commit. When I invite someone to join the discussion, my interest is in having them actually join the discussion, and not necessarily that they sign up for Branch. Invite URLs should contain a one-time use token that will let the invited person enter the discussion without having to sign up. If they're interested after that, then they can create an account.
An email sign up / invite option
To be fair, this might exist, and I simply didn't notice it, but I think having the option to sign up and invite without a Twitter account is useful. Asking for control over someone's Twitter account is asking a lot. There have been plenty of times I dump out of a site registration process when this is the only option. I don't always want to conflate my Twitter identity with all my other identities on the web.
I've increasingly become more and more interested in the idea of smaller, tightly scoped and private-ish communication on the web, as opposed to the uber-public free-for-all of most discussion sites. Branch has some potential, but for such a simple concept, its process for including new user activity is greedy and a little bit spooky.