As I was trying to reset a password on my Relay For Life account, I ran into this awful case of really bad user experience (UX).
When I’m first taken to the form there is no indication or hint as to any rules for the password field. Sometimes you’ll see rules or restrictions for password fields like restrictions on special characters, must include uppercase/lowercase/numbers/symbols, and minimum or maximum length. Besides the fact that this in itself is bad practice (restricting what users can do with their passwords), at least I would have had some direction.
So I used 1Password to generate a secure password of 40 characters and submitted the form. Then I got the error response above which is of very little value to me. It tells me there’s a maximum number of characters I can use, but doesn’t specify a number. The only way to fix my password input is to keep trying with less and less characters.
Please, at least give me a hint so I only have to resubmit once. Or better yet, allow 40 character, secure passwords or tell me up front if there are restrictions.