Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
7 Password 
Creation & Recovery 
Frustrations 
Every Designer Should Know About 
@UserTesting | 800-903-9493 | sales@usert...
7 Password Frustrations 
Password creation and retrieval 
can be a painful activity. 
@UserTesting | 800-903-9493 | sales@...
7 Password Frustrations 
What’s more, a frustrating sign-in experience 
can prevent users from returning to your site. 
To...
7 Password Frustrations 
Password Creation 
@UserTesting | 800-903-9493 | sales@usertesting.com
7 Password Frustrations 
Frustration #1: 
Missing instructions 
@UserTesting | 800-903-9493 | sales@usertesting.com
7 Password Frustrations 
It’s no fun for users to enter the password of 
their choice, only to receive an error message 
s...
7 Password Frustrations 
Solution: 
Make all password requirements clear from 
the beginning. 
Be sure the requirements ar...
7 Password Frustrations 
Clearly stating the requirements saves time 
and sanity for your users. 
@UserTesting | 800-903-9...
7 Password Frustrations 
Password strength meters indicate whether a 
user has successfully met all the requirements, 
and...
7 Password Frustrations 
The meter on the left tells me at a glance that 
this short password isn’t going to cut it. 
@Use...
7 Password Frustrations 
Find out what users think 
about your site or app’s 
password requirements! 
Watch over the shoul...
7 Password Frustrations 
Frustration #2: 
Overly complex requirements 
@UserTesting | 800-903-9493 | sales@usertesting.com
7 Password Frustrations 
A lot of websites require passwords to contain 
a certain level of complexity to increase 
securi...
7 Password Frustrations 
For example, “Orange1!” is a pretty weak 
password. It would be easy for a computer 
to crack, ev...
7 Password Frustrations 
Plus, complex passwords 
are especially irritating 
and difficult to type on 
mobile devices. 
Mo...
7 Password Frustrations 
Solution: 
Rather than enforcing strict complexity parameters, 
consider using length requirement...
7 Password Frustrations 
A Carnegie Mellon University study shows 
that 16-character, simple passwords perform 
better aga...
7 Password Frustrations 
Frustration #3: 
What happens when the user 
doesn’t follow instructions 
@UserTesting | 800-903-...
7 Password Frustrations 
Even if you specify the password requirements up 
front, some users will try to choose a password...
7 Password Frustrations 
Solution: 
When this happens, make it easy for the 
user to understand and fix the error. Clearly...
7 Password Frustrations 
This error message 
isn’t very helpful. 
How do I know 
what I did wrong? 
With this message, 
I ...
7 Password Frustrations 
Finally, if the password doesn’t meet 
requirements, don’t allow your signup form 
to erase all o...
7 Password Frustrations 
Frustration #4: 
Typos in the password 
@UserTesting | 800-903-9493 | sales@usertesting.com
7 Password Frustrations 
If a user types in a password incorrectly, 
then they won’t be able to sign in with the 
password...
7 Password Frustrations 
Solution: 
To prevent this problem, many sites require 
the user to enter their chosen password 
...
7 Password Frustrations 
Alternatively, you can unmask the password 
(or at least give the user the option to do so). 
It’...
7 Password Frustrations 
With an unmasked password, users can 
double-check to ensure they’ve entered 
everything correctl...
7 Password Frustrations 
This signup form allows users to unmask the password, and 
it clearly shows which requirements ha...
7 Password Frustrations 
Password Recovery 
@UserTesting | 800-903-9493 | sales@usertesting.com
7 Password Frustrations 
Frustration #5: 
No clues about the original 
password requirements 
@UserTesting | 800-903-9493 ...
7 Password Frustrations 
Some websites have very specific password 
parameters that users won’t necessarily 
remember when...
7 Password Frustrations 
This error message doesn’t give me any 
specific clues about what I did wrong. 
@UserTesting | 80...
7 Password Frustrations 
Solution: 
Except on sites with very high security 
concerns, it’s a good idea to display the 
pa...
7 Password Frustrations 
Frustration #6: 
Unclear retrieval steps 
@UserTesting | 800-903-9493 | sales@usertesting.com
7 Password Frustrations 
If the user doesn’t understand what to do 
next, or where the password retrieval link will 
be se...
7 Password Frustrations 
Solution: 
Be clear from the beginning about which email 
address is associated with the account....
7 Password Frustrations 
Frustration #7: 
Emailing the forgotten 
password in plain text 
@UserTesting | 800-903-9493 | sa...
7 Password Frustrations 
It’s never a good idea to include a password 
in an email, which can easily be intercepted. 
It’s...
7 Password Frustrations 
If your site has fewer security concerns 
(say, a recipe sharing community) it may be 
tempting t...
7 Password Frustrations 
Always consider the fact that users are 
especially likely to reuse weak passwords on 
sites like...
7 Password Frustrations 
Besides, it’s always best to hash and salt 
passwords, which prevents website owners 
— or hacker...
7 Password Frustrations 
Other Considerations 
@UserTesting | 800-903-9493 | sales@usertesting.com
7 Password Frustrations 
It may come as no surprise that the best 
way to find out how users will feel about 
your passwor...
7 Password Frustrations 
Users have different expectations about 
password requirements and usage depending 
on the type o...
7 Password Frustrations 
Find out what users think 
about your site or app’s 
password requirements! 
Watch over the shoul...
www.usertesting.com 
@UserTesting | 800-903-9493 | sales@usertesting.com
Upcoming SlideShare
Loading in …5
×

7 user experience password frustrations and how to fix them

10,851 views

Published on

Password creation and retrieval can be a painful activity.

What’s more, a frustrating sign-in experience can prevent users from returning to your site.

While password creation might seem like a minor issue, it can make or break the experience for the user (which equals conversions for you). To make it easy for users to sign up and keep signing in to your site, we cover the most common user frustrations and their solutions.

Published in: Technology, Design

7 user experience password frustrations and how to fix them

  1. 7 Password Creation & Recovery Frustrations Every Designer Should Know About @UserTesting | 800-903-9493 | sales@usertesting.com
  2. 7 Password Frustrations Password creation and retrieval can be a painful activity. @UserTesting | 800-903-9493 | sales@usertesting.com
  3. 7 Password Frustrations What’s more, a frustrating sign-in experience can prevent users from returning to your site. To make it easy for users to sign up and keep signing in to your site, take a look at these common user frustrations and their solutions. @UserTesting | 800-903-9493 | sales@usertesting.com
  4. 7 Password Frustrations Password Creation @UserTesting | 800-903-9493 | sales@usertesting.com
  5. 7 Password Frustrations Frustration #1: Missing instructions @UserTesting | 800-903-9493 | sales@usertesting.com
  6. 7 Password Frustrations It’s no fun for users to enter the password of their choice, only to receive an error message stating that the password didn’t meet the requirements, which were never described in the first place. @UserTesting | 800-903-9493 | sales@usertesting.com
  7. 7 Password Frustrations Solution: Make all password requirements clear from the beginning. Be sure the requirements aren’t in the form field itself, where they will disappear when the user starts typing. @UserTesting | 800-903-9493 | sales@usertesting.com
  8. 7 Password Frustrations Clearly stating the requirements saves time and sanity for your users. @UserTesting | 800-903-9493 | sales@usertesting.com
  9. 7 Password Frustrations Password strength meters indicate whether a user has successfully met all the requirements, and they’re a good motivator to choose a strong password. @UserTesting | 800-903-9493 | sales@usertesting.com
  10. 7 Password Frustrations The meter on the left tells me at a glance that this short password isn’t going to cut it. @UserTesting | 800-903-9493 | sales@usertesting.com
  11. 7 Password Frustrations Find out what users think about your site or app’s password requirements! Watch over the shoulder of a real person as they create a password for the very first time, or attempt to navigate your password reset process. Give UserTesting a Try @UserTesting | 800-903-9493 | sales@usertesting.com
  12. 7 Password Frustrations Frustration #2: Overly complex requirements @UserTesting | 800-903-9493 | sales@usertesting.com
  13. 7 Password Frustrations A lot of websites require passwords to contain a certain level of complexity to increase security. Complexity alone doesn’t always make a password secure. @UserTesting | 800-903-9493 | sales@usertesting.com
  14. 7 Password Frustrations For example, “Orange1!” is a pretty weak password. It would be easy for a computer to crack, even though it could be difficult to remember. @UserTesting | 800-903-9493 | sales@usertesting.com
  15. 7 Password Frustrations Plus, complex passwords are especially irritating and difficult to type on mobile devices. Mobile keyboards make numbers and capital letters prone to error. @UserTesting | 800-903-9493 | sales@usertesting.com
  16. 7 Password Frustrations Solution: Rather than enforcing strict complexity parameters, consider using length requirements. @UserTesting | 800-903-9493 | sales@usertesting.com
  17. 7 Password Frustrations A Carnegie Mellon University study shows that 16-character, simple passwords perform better against brute force attacks than 8-character, complex passwords. The effectiveness of long passwords is also illustrated by this popular cartoon. @UserTesting | 800-903-9493 | sales@usertesting.com
  18. 7 Password Frustrations Frustration #3: What happens when the user doesn’t follow instructions @UserTesting | 800-903-9493 | sales@usertesting.com
  19. 7 Password Frustrations Even if you specify the password requirements up front, some users will try to choose a password that doesn’t fit the parameters you set. @UserTesting | 800-903-9493 | sales@usertesting.com
  20. 7 Password Frustrations Solution: When this happens, make it easy for the user to understand and fix the error. Clearly explain which requirement was missed and what the user should do to correct it. @UserTesting | 800-903-9493 | sales@usertesting.com
  21. 7 Password Frustrations This error message isn’t very helpful. How do I know what I did wrong? With this message, I know exactly what to fix. @UserTesting | 800-903-9493 | sales@usertesting.com
  22. 7 Password Frustrations Finally, if the password doesn’t meet requirements, don’t allow your signup form to erase all of the information the user entered! It’s bad enough to get an error message for creating a weak password; it’s much worse to have to fill out every field on the form to make a second attempt. @UserTesting | 800-903-9493 | sales@usertesting.com
  23. 7 Password Frustrations Frustration #4: Typos in the password @UserTesting | 800-903-9493 | sales@usertesting.com
  24. 7 Password Frustrations If a user types in a password incorrectly, then they won’t be able to sign in with the password they thought they created. @UserTesting | 800-903-9493 | sales@usertesting.com
  25. 7 Password Frustrations Solution: To prevent this problem, many sites require the user to enter their chosen password twice. While this catches typos, it’s not the most pleasant user experience. @UserTesting | 800-903-9493 | sales@usertesting.com
  26. 7 Password Frustrations Alternatively, you can unmask the password (or at least give the user the option to do so). It’s relatively rare for users to have their secure information stolen by a person looking over their shoulder at the moment of password creation. @UserTesting | 800-903-9493 | sales@usertesting.com
  27. 7 Password Frustrations With an unmasked password, users can double-check to ensure they’ve entered everything correctly. @UserTesting | 800-903-9493 | sales@usertesting.com
  28. 7 Password Frustrations This signup form allows users to unmask the password, and it clearly shows which requirements have been met. @UserTesting | 800-903-9493 | sales@usertesting.com
  29. 7 Password Frustrations Password Recovery @UserTesting | 800-903-9493 | sales@usertesting.com
  30. 7 Password Frustrations Frustration #5: No clues about the original password requirements @UserTesting | 800-903-9493 | sales@usertesting.com
  31. 7 Password Frustrations Some websites have very specific password parameters that users won’t necessarily remember when they go to sign in. @UserTesting | 800-903-9493 | sales@usertesting.com
  32. 7 Password Frustrations This error message doesn’t give me any specific clues about what I did wrong. @UserTesting | 800-903-9493 | sales@usertesting.com
  33. 7 Password Frustrations Solution: Except on sites with very high security concerns, it’s a good idea to display the password requirements after the first failed attempt at sign-in. It’s also helpful to indicate whether the username or the password was the culprit for the failed sign-in. @UserTesting | 800-903-9493 | sales@usertesting.com
  34. 7 Password Frustrations Frustration #6: Unclear retrieval steps @UserTesting | 800-903-9493 | sales@usertesting.com
  35. 7 Password Frustrations If the user doesn’t understand what to do next, or where the password retrieval link will be sent, they’re not as likely to return to your site. Either they’ll become irritated and avoid it on purpose, or they’ll simply give up and forget about it. @UserTesting | 800-903-9493 | sales@usertesting.com
  36. 7 Password Frustrations Solution: Be clear from the beginning about which email address is associated with the account. For added security, you can mask portions of the email address, as in the following example: @UserTesting | 800-903-9493 | sales@usertesting.com
  37. 7 Password Frustrations Frustration #7: Emailing the forgotten password in plain text @UserTesting | 800-903-9493 | sales@usertesting.com
  38. 7 Password Frustrations It’s never a good idea to include a password in an email, which can easily be intercepted. It’s much more secure to send a link to reset the password. @UserTesting | 800-903-9493 | sales@usertesting.com
  39. 7 Password Frustrations If your site has fewer security concerns (say, a recipe sharing community) it may be tempting to think this rule shouldn’t apply. @UserTesting | 800-903-9493 | sales@usertesting.com
  40. 7 Password Frustrations Always consider the fact that users are especially likely to reuse weak passwords on sites like this. A hacker who intercepted the email would likely gain the credentials for many other sites. @UserTesting | 800-903-9493 | sales@usertesting.com
  41. 7 Password Frustrations Besides, it’s always best to hash and salt passwords, which prevents website owners — or hackers — from “looking up” a lost password. @UserTesting | 800-903-9493 | sales@usertesting.com
  42. 7 Password Frustrations Other Considerations @UserTesting | 800-903-9493 | sales@usertesting.com
  43. 7 Password Frustrations It may come as no surprise that the best way to find out how users will feel about your password creation and retrieval process is—that’s right—to test it! @UserTesting | 800-903-9493 | sales@usertesting.com
  44. 7 Password Frustrations Users have different expectations about password requirements and usage depending on the type of website: for example, a bank vs. a social network. To find the right balance of security and ease of use, ask users directly through surveys and user tests. @UserTesting | 800-903-9493 | sales@usertesting.com
  45. 7 Password Frustrations Find out what users think about your site or app’s password requirements! Watch over the shoulder of a real person as they create a password for the very first time, or attempt to navigate your password reset process. Give UserTesting a Try @UserTesting | 800-903-9493 | sales@usertesting.com
  46. www.usertesting.com @UserTesting | 800-903-9493 | sales@usertesting.com

×