I Wish Passwords Would Just Die


As I was researching my fun UXFAIL post this week I came across a kind of mini-meme: the Angry Password Message:

password 5

I have two massive issues with passwords.

Crazy validation rules
Yeah, I’m looking at YOU iForgot. When I first got my iPhone 5 it took me 30 mins to do anything. Why? I had forgotten my iTunes password and I had to reset it but it took me forever to construct a valid password that contained 1 upper and 1 lower case letter, a number, no two consecutive characters the same etc etc. If you want to hack into my iTunes account and steal my copy of this album then my password is: Ifuckinghateitunes6. Aye, you won’t be forgetting that in a hurry!


Password masking
ARRRGHHHHHHHH! Why! This is a huge anti-pattern that should have died in 1978 but persists, a bit like the Rolling Stones, or mould. Whenever I design a signup/login form, I make passwords visible by default:


And seeing what you’re typing is even more important on mobile where data input is a nightmare.

Having said all that I acknowledge how important security is. I had my Twitter account hacked by ISIS wannabes.

Oh yeah?

password 6.PNG

I now have double authentication!

And here’s the contention: should the system force the user to choose a ‘secure’ password or is the burden of responsibility on the user? Is the ideal free’n’easy password creation and if security is super important, double authentication?

What do you think?



Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s