Password fatigue is the stress that users experience due to requirements to create, re-enter, remember and change a large number of passwords. It can be a customer and employee satisfaction issue. It can also be a security issue, as requirements to remember and enter passwords frequently encourage users to select simple passwords, write them down and reuse them across multiple systems. The following are several policies that may lead to password fatigue.
Complex Requirements: Highly specific password requirements that force users to jump through hoops to create a password. For example, a website that has 8 different requirements for passwords instead of dynamically judging the complexity of passwords. Users find it particularly difficult to use mixed-case passwords.
Password Expiry: Disrupting a user's task flow to ask them to change their password. Users tend to rush through things that interrupt their flow, resulting in weak or forgotten passwords.
Session Expiry: When a user's session times out and they need to log on again.
Lack of Single Sign-on: When a user is forced to re-enter a password when traversing related sites or applications.
Blocking Password Managers: Blocking password managers that auto-fill passwords may be perceived as a bug on your site. It encourages simple and reused passwords and forces users to create an exception for you, resulting in satisfaction issues.
Disallowing Characters: In some cases, older sites disallow a number of characters in passwords. This both makes passwords less complex and increases password fatigue as users struggle to understand why you can't accept their chosen password.
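The contrast between fixed composition rules and dynamically judging a password, including the effect of disallowing characters, can be shown in a short sketch. This is an added example, not part of the original page; the rule set, the five-entry blocklist, the character-pool sizes and the 50-bit threshold are all assumptions chosen for illustration.

```python
import math
import re
import unicodedata

# Constructed sample blocklist; a real deployment would load a large breached-password list.
COMMON = {"password", "passw0rd!", "qwerty123", "letmein", "welcome1!"}

def rigid_policy(pw: str) -> bool:
    """Hypothetical composition rules of the fatigue-inducing kind listed above."""
    return (8 <= len(pw) <= 16
            and re.search(r"[a-z]", pw) is not None
            and re.search(r"[A-Z]", pw) is not None
            and re.search(r"[0-9]", pw) is not None
            and re.search(r"[!@#$%]", pw) is not None
            # Every other character, including spaces and '&', is disallowed.
            and re.fullmatch(r"[A-Za-z0-9!@#$%]+", pw) is not None)

def estimate_bits(pw: str) -> float:
    """Crude guessability estimate: length times log2 of the alphabet in use."""
    classes = [(r"[a-z]", 26), (r"[A-Z]", 26), (r"[0-9]", 10),
               (r"[\x00-\x2f\x3a-\x40\x5b-\x60\x7b-\x7f]", 33),  # ASCII punctuation, space
               (r"[^\x00-\x7f]", 100)]                           # assumed size for non-ASCII
    pool = sum(size for pattern, size in classes if re.search(pattern, pw))
    if pool == 0:
        return 0.0
    collapsed = re.sub(r"(.)\1+", r"\1", pw)  # "aaaa" counts as one character
    return len(collapsed) * math.log2(pool)

def dynamic_policy(pw: str, min_bits: float = 50.0):
    """Accept any characters and any length of 8 or more; judge the password itself."""
    pw = unicodedata.normalize("NFKC", pw)  # same bytes regardless of input method
    if len(pw) < 8:
        return False, "too short"
    if pw.casefold() in COMMON:
        return False, "commonly used password"
    if estimate_bits(pw) < min_bits:
        return False, "too easy to guess"
    return True, "ok"

if __name__ == "__main__":
    # Constructed sample passwords.
    for sample in ["Passw0rd!", "correct horse battery staple", "Tr0ub4dor&3",
                   "aaaaaaaaaaaa", "mañana es otro día"]:
        print(f"{sample!r}: rigid={rigid_policy(sample)} dynamic={dynamic_policy(sample)}")
```

The rigid rules accept a well-known password while rejecting a long passphrase for its spaces and length; the dynamic check reverses both outcomes and gives the user a single reason when it refuses.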
© 2010-2023 Simplicable. All Rights Reserved. Reproduction of materials found on this site, in any form, without explicit permission is prohibited.