Passwords

This pattern helps users create and enter secure and memorable passwords.

How it works

When using passwords on the site, you should:

• Help users make them strong
• Provide constant feedback when a password is being created so that the user understands what requirements need to be met to make a password that is secure enough (ie. minimm character length, numbers, special characters etc)
• Allow passwords to be pasted
• Maintain privacy, especially when helping to reset a password
• Hide passwords by default, with an option to view
• Send a temporary link to a registered email or phone number to reset a forgotten password, rather than use security questions

Passwords are currently validated by checking the following:

• 8+ characters
• Contains letters and numbers
• Contains upper and lower case
• Contains special characters (example: _ $ &)
  

When to use

You should follow this pattern whenever you need users to create or enter a password.

Tips

Avoid overly strict or confusing password constraints. Doing so will make users less likely to sign up for an account, or easily forget their password and have to reset it.