File under: Something is Wrong on the Internet.
We have passwords for everything. We have passwords for e-mail, for online banking, for social networking sites (Facebook, Twitter, Tumblr, Pinterest…), for our phones, for our debit cards, for photo sharing sites, for online magazine and newspaper subscriptions, et cetera. Every company with a website wants you to create a login and password, so they can (a) start collecting information about you, and (b) inundate you with tailored advertising.
But I’m not writing about the necessity of these multiple login/password combinations (or lack thereof); I’m writing about the annoyance and frustration that results from each company and service having different requirements for creating a password. You know: it must be between 6-15 characters (or 8-12, or 6-20), it must be a combination of letters and numbers (or letters, numbers, and special characters), you can/cannot use spaces, it is(n’t) case sensitive…and so on.
Obviously it’s wise to use different passwords for different sites. That way, if (for example) your Facebook account gets hacked, the hackers don’t automatically have your password to your Amazon account, your bank, etc. However, remembering dozens of passwords is tricky, and writing them down or saving them someplace online presents problems too (though I’ve heard good things about the password manager LastPass).
My current approach is to use a “stem,” a combination of letters and numbers, and attach a different prefix or suffix that is easy for me to remember, depending on the site or service I’m using. Inevitably, though, a set of password requirements comes along that causes me to have to tweak my formula in a way that ensures I will not remember it in the future, and so I’ll have to send myself a password reminder and re-set it the next time I want to log in.
UNLESS, before prompting me with the “Forgot your password?” link to send that reminder, the site simply provided its password requirements (e.g. the “Password Tips” image above, which is from the Starbucks website). Then I’d be able to remember, or at least make a very good guess, as to how I’d modified my usual password, and not have to go through the process of re-setting my password again and again.
This is a tragically simple fix that would improve user experience so much, and yet almost no website does it. Yes, The Internet, that’s a challenge.
Image from Tumblr via Google Image Search. Copyright most likely held by the estate of Dr. Seuss (Theodor Geisel) or Random House. Obviously I neither created nor hold the rights to The Lorax, the publication of which preceded my birth by at least a decade.
One thought on “Password creation and user experience (UX)”
I am way behind on reading your posts, but OMG YES! It’s only when I’m already creating a new password and see the criteria that I realize what my password must have been.