Complex RequirementsHighly specific password requirements that force users to jump through hoops to create a password. For example, a website that has 8 different requirements for passwords instead of dynamically judging the complexity of passwords. Users find it particularly difficult to use mixed case passwords.
Password ExpiryDisrupting a user's task flow to ask them to change their password. Users tend to rush through things that interrupt their flow resulting in weak or forgotten passwords.
Session ExpiryWhen a user's session times out and they need to logon again.
Lack of Single Sign-onWhen a user is forced to reenter a password when traversing related sites or applications.
Blocking Password ManagersBlocking password managers that auto-fill passwords may be perceived as a bug on your site. Encourages simple and reused passwords. Forces user to create an except for you resulting in satisfaction issues.
Disallowing CharactersIn some cases, older sites disallow a number of characters in passwords. This both makes passwords less complex and increases password fatigue as users struggle to understand why you can't except their chosen password.
|Overview: Password Fatigue|
The stress that users experience due to requirements to create, re-enter, remember and change a large number of passwords.