Loading ...
Sorry, an error occurred while loading the content.

Number of Password Fields to use

Expand Messages
  • Baker, Lisa
    For creating the password or entering the password to validate? For creating the password in the first place, two fields are helpful so the user doesn t
    Message 1 of 9 , Oct 1, 2007
    • 0 Attachment
      For creating the password or entering the password to validate?

      For creating the password in the first place, two fields are helpful so
      the user doesn't fat-finger their intended password and lock them self
      out of the system.

      For authenticating, I agree with Jade. One field is sufficient.



      Lisa Baker
      Human Factors Lead
      LANDesk, an Avocent(r) Company
      Lisa.baker@...
      801.208.1315



      "Simplifying our customers' work"


      -----Original Message-----
      From: agile-usability@yahoogroups.com
      [mailto:agile-usability@yahoogroups.com]
      Sent: Saturday, September 29, 2007 2:54 AM
      To: agile-usability@yahoogroups.com
      Subject: [agile-usability] Digest Number 683

      There is 1 message in this issue.

      Topics in this digest:

      1a. Re: Number of Password Fields to use
      From: Jade Ohlhauser


      Message
      ________________________________________________________________________

      1a. Re: Number of Password Fields to use
      Posted by: "Jade Ohlhauser" jade@... jadeohlhauser
      Date: Fri Sep 28, 2007 9:18 am ((PDT))

      My 2 cents: One field.



      Here's the possibilities with the two field system:



      1. Password is correct

      2. Password is incorrect - User is typing correctly but is
      thinking of the wrong password or does not know the password and is
      guessing (fields match but are wrong)

      3. Password is incorrect - User makes a repeatable error due to a
      problem like caps lock being on (fields match but are wrong)

      4. Password is incorrect - user knows password but makes a random
      typing error (fields don't match)



      You are adding the extra input step for everyone, but only offering the
      benefit in case 4. And here's the kicker, you are doubling the chances
      of a case 4. If the fields are different you don't know which one, only
      that they are different and maybe the error was added in the second one.
      If they don't match I have to re-enter both again. So I've typed that
      password 4 times instead of twice (assuming it was a random typing
      problem that was fixed after the first negative feedback)



      But here's the biggest reason, who gets that benefit? Is it the user or
      the system. Are you making the user do more work so the system can
      sometimes do less?



      Assumptions: the password fields obscure the values being entered and
      the credentials check is effectively instant.



      Jade Ohlhauser
      Product Manager
      RPM Software
      www.rpmsoftware.com
      <outbind://8-000000006D3A19DA0F06154598B3B2CFA0802F620700779AD3D0551A914
      1AFC9645FA3DED8680000000098A90000CB1E603596BAEE4D856D53AC40EBE439000001B
      4E5C70000/exchweb/bin/redir.asp?URL=http://www.rpmsoftware.com/>
      403-475-9485



      From: agile-usability@yahoogroups.com
      [mailto:agile-usability@yahoogroups.com] On Behalf Of Alex Horstmann
      Sent: Friday, August 31, 2007 3:45 AM
      To: agile-usability@yahoogroups.com
      Subject: [agile-usability] Number of Password Fields to use



      Hi all,

      I'm having an interesting discussion (read: argument!) here about the
      number of password fields to use so I thought that I'd get some more
      opinions.

      We have a feature where users can enter login credentials for systems
      (for example a username and a password is entered for a server which
      is stored on our system). I am saying that there should be 2 password
      input fields to trap users mistyping the password, the other side of
      the argument is that there should only be one. The user can then test
      what they have done and see if it works (our system allows users to
      test the credentials by trying to log into the target system).

      I say that this is extra work and surely it's easier to make sure that
      the user has entered the correct password by making them enter it twice.


      Which side of the argument are you? Why?

      Thanks in advance for your input!

      Alex
      __________________
      Alexander Horstmann
      Senior User Interface Engineer
      Tideway Systems Ltd.
      T: +44 (0)207 368 7326
      F: +44 (0)207 352 4922
      "What we've got here is failure to communicate."

      international-usability@yahoogroups.com
      <mailto:international-usability%40yahoogroups.com>




      Messages in this topic (8)
      ________________________________________________________________________
      ________________________________________________________________________



      ------------------------------------------------------------------------
      Yahoo! Groups Links



      ------------------------------------------------------------------------
    Your message has been successfully submitted and would be delivered to recipients shortly.