Lauren WeinsteinJan 16, 2023

Greetings. I wish I'd gotten a screenshot of this one, but I saw a registration form today that was one of the worst examples of "password hell" I've ever seen. I think it had about 10 lines of requirements, stuff like:

Must be 9 to 14 characters.
Must include both lower and uppercase alphabetics.
Must include numbers.
Must include special characters.
Can't have more than three alphabetics in a row.
Can't have more than three numbers in a row.
Can't have more than three special characters in a row.
... and so on.

OH, and of course, copy/paste was disabled for both username and password, so this all had to be hand typed TWICE for confirmation. AND ... the typed password was obscured with no way to choose to display it.

And you wonder why the Galactic Federation has quarantined this planet.

Best, -L

Show threadDethe ElzaJan 16, 2023
@lauren Make this snippet of JavaScript a bookmarklet and you will always have a way to toggle display of passwords:
javascript:document.querySelectorAll('[type=password],[type=pwd').forEach(p=>p.type=p.type==='password'?'pwd':'password');void(0);
Show threadLauren WeinsteinJan 16, 2023
@dethe As I've said many times, I *know* these tricks and workarounds. I don't need to hear about them. I don't care about techies who know this stuff like you and me. What I care about are all the people who have to deal with the forms as they are, and how they get screwed up. I wish more techies would think about them.
Show threadKen O'DriscollJan 16, 2023

@lauren @dethe This type of crap really impacts people who rely on accessibility features, e.g., screen readers, voice commands, etc. I know more than one person who would be totally defeated by stuff like this.

It's hostile web coding/design and needs to be called out loudly when encountered.

Show threadMikeK

@ken @lauren @dethe

I honestly don't know how civilians who aren't married to a tech cope.

Jan 16, 2023 at 7:02pmWeb