Retyping password to confirm...necessary or excessive?

views:

209

answers:

+3 Q:

Retyping password to confirm...necessary or excessive?

Simple question...I've noticed several large sites (Facebook, Twitter, etc) have ditched the idea of requiring new registrants to confirm their new password by typing it again.

Balancing usability and error-prevention effectiveness...is it better to require confirmation or not?

+6 A:

I would say yes, it is a useful feature.

I've mistyped a new password on multiple occasions, and I'm glad the software caught it then, rather than later, since resetting or changing a password later is generally a cumbersome process (relative to just notifying me right then that it was wrong).

James McNellis 2009-12-30 07:01:03

+4 A:

I think it's excessive and here is a solution to show password on demand which provides an option to view the password if the user is in doubt. It improves usability and user experience.

Chandra Patni 2009-12-30 07:01:28

yeah i like this idea...do you think non-savvy / paranoid users are okay with "disclosing" their password to their surroundings?

johnnietheblack 2009-12-30 07:14:02

Since it is only on signup, I think if they thought they mis-typed it, anyone would feel comfortable enough to quickly "check" then "uncheck" the show box. I think this solution is really solid.

Doug Neiner 2009-12-30 07:15:54

thats a good point, the quick flippy is probably how it'd go down.

johnnietheblack 2009-12-30 07:21:23

The paranoids can also be assured that they can reset their password where instructions will be mailed to them.

Chandra Patni 2009-12-30 07:21:45

This is an interesting solution, though I don't know that it's as straightforward as just having the user type his password twice. By forcing the user to click and unclick a checkbox, you make it slightly more difficult for him to simply tab through the fields without using the mouse. At least that's my first impression.

James McNellis 2009-12-30 17:09:41

+1 A:

I believe the confirmation is needed. We can absentmindedly mistype a password and later find it difficult to log in. It is better to put in some extra keystrokes during registration than later going through the whole cycle of resetting password or worse registering again. Prevention is better than cure.

Christy John 2009-12-30 07:05:31

If you have a killer, super easy to use password reset system, then no, its not needed. If your password reset system leaves something to be desired, then go with either the confirmation or a solution like @Chandra suggested.

Doug Neiner 2009-12-30 07:09:49

yeah thats a good point. my system requires a link to be mailed, etc. so if they screw up accidently it might be a harsh punishment.

johnnietheblack 2009-12-30 07:12:21

I think having to retype passwords is worth the pain of accidentally mistyping it first time. If you use numbers in place of letters then seeing the password may not be that much help.

What really bugs me is having to retype an email address. How many people don't simply use copy and paste?

David Sykes 2009-12-30 11:05:06

regarding mail-address: i guess it is for the reason that in many system the mail address becomes an 'id' and cannot be changed later and is used for all confirmation mails. therefore it is important to get it the first time correctly. i don't think that the majority of users are using copy/paste.

manuel aldana 2009-12-30 12:30:25

A system that won't allow you to change your email address sounds a bit poor

David Sykes 2009-12-30 14:48:47

i'd probably have to agree weith @David...if you are going to use something like an email address to actually interact wiht your user throughout the site, i think you should find a better 'id'...people generally have 3-4 emails and always switch to new ones...

johnnietheblack 2009-12-30 16:34:05

ansaurus

tags:

views:

answers:

Retyping password to confirm...necessary or excessive?

related questions