Password Restrictions vs No Restrictions

When a user is presented with a password creation form of any kind, is it necessary to add parameters to their password so it meets certain security requirements (complexity etc)? These parameters must be displayed to the user so they know when their password is valid but... this also means anyone that's trying to guess someone elses password now has a template to go off.

For example, "you must have at least 1 upper and lower case character as well as a number and symbol."

Does restricting the free choice of a password in a form cause a poor user experience by forcing validation when it may actually have a negative effect?

Tags: UX Stack Exchange

Password Restrictions vs No Restrictions

UX in 2018: The human element

Three Takeaways from the Hawai’i Missile False Alarm

UX in 2018: Content

UX in 2018: Design, Development, and Accessibility

The Power and Danger of Persuasive Design

Password Restrictions vs No Restrictions

Related Posts