Forms: Validating the basics - can and should it be done?

21 Sep 2009 - 11:46am
7 years ago
6 replies
729 reads
Adrian Howard

Hi Jennifer,

On 21 Sep 2009, at 09:01, jennifer wrote:

> I've been asked several times by the owners of our lead database,
> which is generated by any/all forms we have on our site, to increase
> validation of the fields of any/all forms to ensure - or "force" to
> use their term - the user to input valid data.
> (In this way, they get a "clean" db, is really the gist.)
> Our fields include:
> First name
> Last name
> Title
> Company name
> Email
> Phone
> Street address
> City / State / Zip
> (*Note, these are not the precise labels)
> Anyway, I figure we can and should, to a degree validate phone number

I'd personally recommend leaving phone numbers alone :-) Too many folk
have different ways of writing phone numbers, or need to add something
like "and then push #3 and ask for Tracy" to the end.

> and email fields without too much issue.

You can check an e-mail has the correct structure - but you can't
check that the e-mail is "correct" (without actually sending the e-
mail and having the user confirm.)

> What is desired, however, is to 'validate' that all those other
> fields - e.g., name - get input with reliable information.

Define "reliable"? Is the issue it not being filled in at all? Being
filled in with bogus info? Something else?

> I don't think this can be done, to be honest, and it just feels
> plain wrong. I understand the internal desire for it, but I've
> commented that such validation brings up more questions about error
> messaging/alerts than is worth it in the end.

Whether it's possible or not will depend to some extent on the
motivation of the user. I'm highly motivated to put my phone number on
some forms (e.g. when expensive hardware is being delivered and they
need to check somebody is in). In others I will go out of my way to
give a fake number (e.g. when I'm forced to register one when
downloading a demo and want to avoid the annoying sales calls.) The
data bods should find the idea of incorrect data more frightening than
absent information - so that's a useful axe to wield.

> Plus, they're trying to get more people to fill out these forms, and
> that sort of validation seems counter-intuitive.

Again - depends on the motivation. I'd be happy to be reminded that
I've forgotten my postcode on a form for where my parcel should be
delivered. I'd find it annoying when the address is irrelevant to the
action I'm trying to take.

> Thoughts? Resources? (I've looked, not found any yet)...

The usual pointer to Luke Wroblewski's "Web Form Design" book :-)


-- - -


21 Sep 2009 - 12:08pm

To Adrian's point, the stronger your validation, the more difficulty your DB
folks will have weeding false data from real data.

It's a lot easier to purge 'asdf test' from your data records, than 'Tarzan
of the Jungle'.

I'd say the strongest validation should be on the fields most critical to
"getting in", and let people fudge a little on the incidentals - or better,
make them optional =]

Regarding email validation, you can actually test email validity on your
site. I haven't done it before, but searching google for "realtime email
validation" brought up a few hits.

Bryan Minihan

-----Original Message-----
From: discuss-bounces at
[mailto:discuss-bounces at] On Behalf Of Adrian
Sent: Monday, September 21, 2009 12:46 PM
To: IXDA list
Subject: Re: [IxDA Discuss] Forms: Validating the basics - can and should it
be done?

data bods should find the idea of incorrect data more frightening than
absent information - so that's a useful axe to wield.

21 Sep 2009 - 12:32pm

I have a list of the most common offensive and garbage terms folks use, from
my last startup project (I bet you can't guess the most common words used by
American teenagers...c'mon...guess!).

Here's another way around blocking people with freebie email addresses: Put
such users in an "untrusted" status, requiring them to verify their access
with an email confirmation note or some other means.

We had the same problem with college coaches on my last project. We
couldn't give them access to athlete details until we, or they, verified
they worked for said institution. If they created their account using the
correct .edu address, we "let them in", but if they used their personal
account, we called them to verify their details.

For phone number, esp with business addresses, you might want to provide
separate Phone and Extension boxes, or allow the letter "x" in your phone
number field (as in "800-555-1212 x1270").

Bryan Minihan

-----Original Message-----
From: discuss-bounces at
[mailto:discuss-bounces at] On Behalf Of
Sent: Monday, September 21, 2009 10:19 AM
To: discuss at
Subject: Re: [IxDA Discuss] Forms: Validating the basics - can and should it
be done?

Regarding the phone field: I think we will just validate that no
alpha-characters are input, as we do want to include international
codes and prefix. It'll be basic validation is all, nothing

And with email, I agree that it's probably ok to check format; the
idea proposed to me was to not allow users to input anything from a
freebie/generic domain, e.g.,, so as to *only* receive
"real company addresses". I said that we shouldn't do that for a
couple reasons:
1- Some people may not be ready to share their company address,
regardless that their inquiry may be company related.
2 - The additional labeling and error messaging may produce worse
results in the end.


. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Posted from the new

Welcome to the Interaction Design Association (IxDA)!
To post to this list ....... discuss at
Unsubscribe ................
List Guidelines ............
List Help ..................

21 Sep 2009 - 2:47pm

In terms of resources, here's a good article from Luke Wroblewski on
A List Apart about Inline Validation in forms. His research
suggested that validation on simple fields like first name, last name
confused users.

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Posted from the new

22 Sep 2009 - 4:35am
Caroline Jarrett

In our book "Forms that work: Designing web forms for usability" we have
quite a lot of discussion about the merits or otherwise of validating input
data. (More details about the book: )

I think the key word in your original post was "force". What makes your
stakeholders think that forcing users to do something they are unwilling to
do is likely to result in good data?

As others have pointed out, forced data can simply be harder to detect and
rectify than non-validated data. You could be storing up long-term problems
with poor data quality, whereas spending design time now to find out why
users are unwilling to provide the data can be a bit more troublesome now,
but provide far better data quality and user experience in the long term.

Luke's interesting article on Alistapart underlines this point, in my view.
His research found that:

- validating data that shouldn't be validated (e.g. first names) was
regarded as weird and confusing (my paraphrase) by users.

- speedy, immediate checking of data that should be validated (e.g. is my
choice of username available?) is welcomed by users and helpful

- attempting to validate data before the user has finished typing is
intrusive and disliked by users (a point we explore further in our book:
it's all about interrupting the user's turn in the conversation).

Underlying this, I think we need to encourage stakeholders to stand back and
think about _overall_ user experience and the underlying business reasons
for publishing the form: factors that I call 'relationship' in our book.
What is the priority here: the immediate 'tidiness' of the data as collected
at this instant, or the long term quality of the data that will be relied on
for the continuing business relationship?

Caroline Jarrett

Syndicate content Get the feed