creating the correct password parameters for a site, with cc details stored

I am trying to think of the best requirements to set a password for a customer relationship management cloud software service. A credit card is stored on the site, which is only useful to the site owner i.e. if someone else logged in, they wouldn't get much benefit.

So here are my options:

min 6 character password - simple and easy, they can use their favorite password, and won't struggle to remember it.
min 8 chars, 1 upper case, 1 number, 1 non-alphanumeric character - secure, but it gets annoying, and if you forget the password, it's hard to remember.
min 6 chars, 1 number, 1 upper case - somewhere in between, a bit more secure, and a likely chance they can still enter their favorite password.

Thoughts?

Tags: an event apart, smashing, speckyboy, UX Interview, ux stack, UX Stack Exchange, UXBooth

creating the correct password parameters for a site, with cc details stored

UX in 2018: The human element

Three Takeaways from the Hawai’i Missile False Alarm

UX in 2018: Content

UX in 2018: Design, Development, and Accessibility

The Power and Danger of Persuasive Design

creating the correct password parameters for a site, with cc details stored

Related Posts