Is it ever useful to show the Password Requirements on page load?
I have a hypothesis that I have no idea how to test other than lots of observational testing, but perhaps someone has covered this already.
On signing up to a new service and being presented with the Choose your Password field, almost all users never read the password rules before entering a password. They already have a password in mind before signing up to the service, so all they do is type in their chosen password and then use the site feedback to tell them whether it passes validation or not.
Has this hypothesis been supported in any way?
I'm trying to support a case that there is no need showing the password requirements to the user unless the password they enter is invalid for whatever reason, but I wanted to find out if displaying those rules is actually potentially useful, and that it would cause a negative experience if I were to bin them off.