Over christmas, I was sat with my stepdad as he opened up his new Kindle and attempted to set it up (a whole other usability story!). As it asked for his Amazon password he exclaimed how he didn’t have a clue what it was but he’d find out. The next thing I know, he’s opening up a spreadsheet on his laptop full of all his passwords! There must have been 20-30 of them. He said it’s the only way he can keep track of them all.
I was at a focus group recently where discussion naturally lead onto the topic of passwords. Every single person described how frustrated they are with the increasing pressure to create ever complex passwords that they then don’t remember.
It’s clearly a heated topic amongst users but with security being a top concern for companies (and rightly so), it puts ux designers in an awkward catch 22 situation. Make the password too complex and you risk people making the very un-secure decision of writing the thing down. Perhaps even putting it on a post-it by their computer – yes this happens!
Anyway, as it’s Friday, let’s take a funny look at how this feels from the user’s perspective. I suspect most of you have also experienced this, haven’t you?
3 thoughts on “Why people hate online passwords”
I wanted to like this post but it required me to use my WP password which I can never remember! Really enjoyed this, but what is the answer to this dilemma? I believe you can now get a kind of super password that centralises all your passwords in one place but this strikes me as a little bit dangerous from a security point of view.
It would be nice if instead of insisting on a short jumble of characters and symbols, we could just write a pass-phrase. A full sentence would be easier to remember and more secure because of the sheer length and number of characters involved. Or create a more visual password using a series of images that you click on. Some sites use single security images already as a way to verify your account.
Last year I heard an interview with a guy who was in Sydney for a conference about passwords (can you believe it?), anyway we recommended that your password should be a short version of a sentence including punctuation. For example, I had a great Christmas did you? – would be IhagCdy? I thought this was a good idea.