I am building a web app were I will require the name and lastname from the user.
My question is if it reasonable to give the option to the user to alter/modify these two.
I mean, people, have the same name and lastname throughout their lifes.
Of course there are some exceptions to the above rule-but from another point of view changing the name and lastname in
an account might hide security issues.
What do you think?
The only thing you should really prevent someone from changing in a profile is the identifying portion (what they use to login). And even there, a mechanism should be in place to allow that as well…
Τhe identifying portion will be the e-mail and the password.
I have never witnessed a site that does not give you the option to change these two.
They do, but there’s usually extra steps (email confirmation / password validation & double entry).
as for name, people change names all the time - marriages, religious reasons, just because…
Don’t underestimate the need for for change in ones life.
For example, I may drop hotmail for another email provider after I sign up. Will you still send me all my notices to a nonexistent email by not allowing me to update my email (since is part of the log in )
User names, that is monikers specifically chosen by the user, well that 50-50. It can be a exercise in vanity to be able to use a cooler nick that occurred to you after you initially signed up , but still be able to retain any seniority/data. However this could be confusing to other users.
I assume you are checking for duplicate emails/usernames before submission? that is to prevent the coincidental choosing of the same pass/login by different users?
Incidentally, your DB should contain a UNIQUE field/key for each sing up, data which is invisible to the user him/herself … and this is the way site management should be able to identify the user.