Monday assorted links


I expected #2 to be tons of wrong information about password strength and all that. Luckily it was actually a pretty good article about the usability of the forms, not the passwords themselves.

It was good. We have important passwords we really remember, and then casual ones we just recover when we need them. On casual sites, one entry and recovery is fine. Especially with "show."

Important sites should confirm, and use two factor authentication.

I don't see any reason to have confirm. If they mistyped it they can use the recovery mechanism. And show should be default with hide the option. Most people aren't creating passwords in public places.

"I don’t see any reason to have confirm. If they mistyped it they can use the recovery mechanism."

The problem with most good ideas is users. In this design, it is likely that many of them will not realize they mistyped their password and instead think your site is broken. They will then either abandon your site or generate a lot of support requests that waste your time.

Eliminating the confirmation is an interesting idea, and one worth testing, but I suspect the greater ease (and higher conversion rate) at the front will be offset by worse results later.


Thanks Tyler for sharing our case study (I work at Formisimo) regarding ditching the 'Confirm password' field.

Just wanted to pop in and say that we didn't see any change in the number of password reset requests. That's not definitive proof that they didn't forget but it gives some indication that a confirmation field doesn't help people remember their password any better.

I will say that our results shouldn't be taken as gospel. We don't recommend applying this without testing on your own site and with your own audience. However, we do share these things so that other people will consider testing them. As 1 person alluded to here, much of designing a great user experience is designing for user perception. There is minimal technical reason to ask users to confirm their password but, depending on your audience, there might be a psychological one.

Happy to answer any other questions on this.

I always just copy/paste from the first field to the second. I am stunned anyone would even attempt to do that by hand. The really sophisticated probably have a browser extension to duplicate the fields. If they try and disallow copy/paste then I would abandon the site and the browser for one that disables the disallowance.

Anyway, your passwords should just be all non-printable Unicode now that HTML5 allows all the characters.

HTML allows it, but that doesn't mean the rest of the site's toolchain does.

A good rule of thumb for successful use of software (including websites) is "don't try anything that the developers probably didn't test."

I have no idea why anyone would think that robot waiters in a low-wage country like China was a good idea. Especially why low-rent robots were sensible.

So much for self-driving cars, AI can't even operate in a controlled environment

Well in China the robots cost $7000. I would hope that self-driving cars were more sophisticated. The problem may start with low-balling your robots in a low-wage economy.

Wages in Shanghai aren't low by global standards.

2. Small steps towards dystopia - ever notice how never worries about 'conversions?'


I think p_t's angry that businesses try to make money?

3. Armpit sniffing as the new frontier in assortative dating and mating. There is no great stagnation.

There. Fixed that for ya.

@#4 - there's an armpit reference in this St. Looie chess city article too: "hands hidden in armpits"...

...and this seems suspicious as Satoshi: "These days, he (chess mega-patron Rex Sinquefield) plays some twenty online games at a given time, he says, describing himself as a “decent club player” with “a healthy addiction.”" But I recall he hung his queen and played like a patzer a few years ago in a "foursome" game where four players vs four players alternate making moves for each side. I thought seriously he was a Class D player, not a decent club player.

#1. It's not just gay dance clubs. The New York branch of Pacha, a nightclub that hosts top DJs closed at the end of 2015. The Economist reported on this trend a few months back.

Rents are rising and millennials have less disposable income. Plus, why go through the whole rigmarole of going out when you can just swipe right?

It's Pinch Sulzberger's Times. Gays are Special.

You know wrath is a mortal sin, right? At your age you should start thinking about how you are going to account for yourself.

Would snark be a venial sin?

The "rave" craze really got going with the early 1990's recession leading to huge warehouses empty and owners desperate to make a buck (even if it meant some legal risk) to let promoters fill them with hundreds of ecstasy taking ravers.

Perhaps large dance clubs are a counter-cyclical phenomenon...

Appalachian Lives Matter

Some more than others, it would seem.

The fact that the article about chess and St. Louis doesn't even mention that Susan Polgar teaches there borders on being a hanging offense. Wow.

You can use random password generators.

Or if you don't trust them, just mash up a bunch of keys, copy-paste, virus-proof your USB key(s) for backup, list in .txt file by site, and copy-paste back into p/w field as necessary (and just don't look too close while you do it, for the "remote neural monitoring" case) if history is cleared or for double entry to confirm the "random" p/w.

Someone didn't read the article. That would take too much time away from bloviating.

Sorry. I changed from the specific sub-topic of the article to the general topic. Such misdirection should be banned.
