You go to their site to register for this free conference, and you have to give them a password. The first question is "Why?" There's certainly nothing private about registering for a conference that I can see, but what the heck, I'll give them my password.
The instructions clearly say:
LIFE 2.0 PASSWORD (SIX CHARS MINIMUM)
so I carefully type in my usual "non-secure" password which has a special character included (old habit of putting in something a little less guessable, and the one I commonly use for these kinds of "Who cares?" registrations) and attempt to move on.
Up comes a dialogue box that says "Blah!"
yep, you read that right: "Blah!"
Hardly what I'd call a user-friendly response to a perfectly reasonable password that has been accepted by maybe 95% of the websites that I visit. After I click "OK" on this message (not what I would really like to tell them, but that's my only choice), they finally display "Password invalid! Please re-enter".
Notice that they don't tell me what's wrong with my perfectly valid password... just that it's wrong and I should try again.
(Un)Fortunately, I've learned that some sites -- like Dr. Dobb's site -- just don't get it when it comes to passwords. They:
- Don't give you good instructions on how to enter your password.
- Make poor decisions about what is an "acceptable" character in a password.
- Don't give you good instructions when things don't work as expected.
And just why is a special character (a few sites have only a few special characters that they don't allow... go figure!) not allowed anyway? It's not like a password is going to be 'executed' and thus open the door for some kind of hack... that is true isn't it Dr. Dobbs?
Too bad... it shouldn't be this difficult!
0 comments:
Post a Comment