Why do sites insist on having you put in your password twice? So what if a person types it in wrong?
Looking at it in another way – what is the probability a person types it in wrong? 1%? 5%?
Lets even say 5% … so why make 95% of the users suffer and make them enter a password twice when the 5% who did not type it in correctly can just reset a password?
Just a UI thought I had.
12 Responses to Re-Enter your Password
emad
September 10th, 2008 at 8:13 am
Most sites probably wouldn’t have to make users enter it twice if they could see what they are typing instead a bunch of asterisks.
Colin Carmichael
September 10th, 2008 at 10:24 am
I’ve only ever seen re-type password boxes on forms that SET your password – which has saved my ass a few times when I mis-type – and can’t see what I’ve mis-typed.
Which gets me thinking… it’s not really necessary to use the ‘password’ markup at all when building the set your password form – is the risk of someone looking over your shoulder really that great? Or is there some other security built into the password input element that I’m unawareof?
Ahmed
September 10th, 2008 at 11:06 am
Sorry yeah I was referring to registration.
And as I said – if you made a mistake, just have your password reset. I would imagine many users now just save the password anyway (and a good site should do an auto-login once you register).
As for showing password/not showing password – I was wondering that too. I assume people are just conditioned to except their password to be hidden.
Dave
September 10th, 2008 at 11:51 am
I think having people type their e-mail twice makes more sense. As has been said, if people mistype their password, they can always have it reset. But if people mistype their e-mail, the reset password will go to the wrong (or an invalid) e-mail address.
Ahmed
September 10th, 2008 at 2:19 pm
Yep Dave I’ve thought the same – then again that one you visually see your email and are less likely to submit an error.
Dave
September 10th, 2008 at 4:10 pm
Yeah, right! Tell that to the people who fill out forms on our site!
Jonas
September 10th, 2008 at 5:47 pm
This has been a pet peeve of mine for a long time…
sara
September 11th, 2008 at 6:50 pm
I came back to comment after an ‘aha’ moment – made me think of this post… Typed in my email address wrong (when signing up for a google service) and the “re-type your email address” saved the day… (otherwise I wouldn’t be able to access the service, and probably wouldn’t be able to figure out why either).
So I’d vote for yes “re-type your email address”, and still out on the “re-type your password”… (leaning more towards yes because I do think the chances of misspelling the password are higher than you think…)
Dave
September 12th, 2008 at 10:43 am
Slightly off-topic, but what I find EXTREMELY annoying is sites that not only force you to change your password (although I somewhat agree with the reasoning), but don’t allow you to use passwords you’ve previously used. And even worse, those that won’t let you use passwords similar to ones you’ve already used!
For online access to our merchant account, we have to change the password every 45 days, and it can’t be similar to one that has already been used. (And if you enter it wrong 3 times in a row, you have to call to get your account re-activated.)
Jim Moran
September 16th, 2008 at 9:32 am
I agree and in fact just created another twitter account and noticed they only prompt for a single entry of the password. First I’ve ever seen.
loanvy
July 12th, 2010 at 6:45 am
nguyenloan630@gmail.com
loanvy
July 12th, 2010 at 6:48 am
Re-Enter your Password