Confirming passwords bad UX design?

Let me first say, I don’t think password confirmations are bad UX design. But I ask you, are they really necessary? I don’t think so.

Let’s take a look at some popular sites which have millions of users. These are industry leaders.

Let me first say, I don’t think password confirmations are bad UX design. But I ask you, are they really necessary? I don’t think so. Let’s take a look at some popular sites which have millions of users. These are industry leaders.

{% img full-width /media/confirming-passwords-bad-ux-design/dropbox.png %} {% img full-width /media/confirming-passwords-bad-ux-design/facebook.png %} {% img full-width /media/confirming-passwords-bad-ux-design/twitter.png %}
{% img full-width /media/confirming-passwords-bad-ux-design/pinterest.png %}

Sites like Dropbox, Facebook, Pinterest and Twitter all practice engineered minimalism in design. The idea is simple, don’t make your users fill out a crap load of stuff. These sites all pay big bucks for A|B testing. Guess what?

None of them make you confirm your password during sign up.

Still not convinced? Let’s take a step back think about function. What is even the point of a sign up page? It’s most likely to get a user into your system so you can have them do stuff right?

Assume we aren’t going to use oAuth for whatever reason and we are going to have a sign up page. We probably want a low barrier of entry. That means having no wizards, fewest fields possible - a real wam bam thank ya ma’am sign up.

Let me ask you, how often do you mistype your password when signing up for something new? Most people use the same few passwords for all their websites, so they are seasoned veterans at typing their password. People make mistakes though so password recovery is important. If your site doesn’t have a way to recover a password, then confirming the user got their password correct would be pretty important. For example, when you’re signing up for a Gmail account, you have to type your password twice. That’s because it’s a lot harder to retrieve a password for email systems Where would you send a password recovery email to if you get locked out of your email?

I’m also a big fan of designing for the masses. We shouldn’t annoy 80% of the population by making them type their password twice, just because 20% of the population can’t type it right. Those 20% deserve to go reset it a few times, they need typing practice anyway. ^_^

If I still haven’t convinced you… try reading some other places.

post by K.D. on 10/30/2013