Looking at Customize Registration - #2 by nathan.jenkins, I can see that at least part of the rationale is (aside from maybe lack of votes):
- extra typing is annoying for users
- most users use password managers in some capacity
I think there are strong counter-arguments:
- users don’t have to type if they use password managers
- password managers typically auto-fill double password entry fields
- note that some password managers (google, for instance) don’t by default include special characters (essentially for this reason), which may be required for Auth0 passwords. This forces users to type characters anyway.
- this rationale doesn’t account for those that do type their password
- the sign up and sign in pages are basically identical (do we need them both?)
- the Auth0 password reset page does include a confirmation field, which is inconsistent
- the password reset modal in the Auth0 user management portal also includes a confirmation field
Two suggestions:
- If Auth0 maintains its position on this, the two pages could be merged into a “Universal Sign-in/up” page, since they are essentially identical.
- The confirmation password field could be implemented and made as an optional element inside of the Universal Login design pages.
Thanks all!
Angus