Comments on: Confirm Password, Idiot.

By: don

don — Fri, 06 Feb 2009 16:09:42 +0000

I am just reworking a form for my site and wanted to confirm my suspessions about the password field. Even very large companies have the password repeated, but why? Isn’t that why we have a “forgot password” link?

By: Buck

Buck — Wed, 11 Jun 2008 14:38:09 +0000

That’s pretty interesting, really. I wonder what users would think if there was an option next to the password field stating “don’t obscure my password”? It would definitely take users aback if the default was that the option was checked– I wonder if they would care that much, since they’ve been trained to expect that field to be obscured, no matter what type of application they are using.

It does make a lot of sense to *not* obscure it when they’re registering initially, though.

By: C

Wed, 11 Jun 2008 05:02:01 +0000

Just found your site via SVN. Couldn’t agree with you more. Taking it one step further, why obscure it in the first place? Are there really that many people looking over your shoulder?