Creating, remembering and resetting passwords is a UX problem for both retailers and customers.

It’s a point of friction which can affect whether a customer signs up in the first place, and whether they make repeat purchases if and when they forget their password details.

The reason this is a problem is that people simply have too many passwords and PINs to remember – online banking, email accounts, social media profiles, and whichever sites they use to shop online.

Stats from Mcafee show that consumers have an average of 23 passwords for online accounts, a lot to remember for many people, even though people only use an average of 13 unique passwords for these accounts.

With so many passwords to remember, people are bound to forget them now and then. And they do. 32% say they forget a password once a week.

For retailers, this can impact on repeat purchases. If the customer can’t remember their password to log in and buy again, they may abandon the site. The Mcafee survey found that 48% have abandoned websites after forgetting their password.

And this is the problem. Passwords can be hard to remember, especially when encouraging secure passwords means users have to remember a mix of letters, numbers and special characters.

Customers are going to forget passwords on a regular basis, so it’s important to make it as easy as possible to reset passwords or look into alternative ways of managing logins and making repeat purchase easier.

Make it easy to create passwords in the first place

The first point of friction can be setting up a password in the first place. Also, many will abandon without even trying to reset a password, so it’s important to focus on password creation.

First of all, don’t make password creation a barrier to purchase. Guest checkout options, or account creation after purchase (or at the end of the checkout process) is the best way to avoid making it an obstacle.

For example, Lowe’s adds this step right at the end of checkout, also making it optional.

It’s also a good idea to sell the benefits of registration, as Lowe’s does with the mention of faster checkout and benefits. After all, if shoppers register, they’re more likely to make repeat purchases.

Once customers are at the point of setting a password, there are some common mistakes to avoid. For sites, it’s a balance between keeping it simple and encouraging more people to sign up, and getting users to make a little effort to create a more secure password. Many sites simply present you with a field and ask you to create a password.

However, users need more information than this. Tell them the requirements in terms of length and use of numbers and special characters. This avoids users setting ‘incorrect’ passwords and receiving annoying error messages.

Here, Alibaba.com spells out the password requirements clearly, and also encourages shoppers to create a password that is strong, with some instant feedback next to the form field.

In addition, it can also help to show the password the user has typed. This confirms to the user that they have entered the password they intended to without typos, and avoids the confusion that such mistakes would cause later on.

It could also be argued that asking for users to confirm the password they’ve already entered adds an unnecessary extra step. Showing the password and allowing customers to check for mistakes should be enough.

There are other alternatives which can avoid the need to select a password altogether. For example, Alibaba offers the alternative of social logins, so shoppers can use their Twitter, Google, Facebook or LinkedIn account to sign in.

This avoids the need to create new passwords, and the user may be using a password that they’re much more likely to remember.

Dealing with forgotten passwords

One obvious way to deal with forgotten passwords is to use guest checkout. This way, even if customers can’t remember their login details, they can still go on and make a purchase.

However, many sites won’t allow shoppers to use email addresses that are already registered, forcing people to use another address, or go through the password recovery process.

The process of resetting passwords can be tiresome, with some common frustrations. Here are some ways to make it easier to recover forgotten passwords:

  • Avoid unnecessary steps. Here, I have to enter my email address twice. I’d already entered my email on the previous step and selected the reset password option but I have to re-enter it in the next step.

  • Send a reset link or one-time password to the user’s email address. This allows people to quickly log back in, if the process is well designed.
  • Don’t make people wait for emails. The email with a new password, or a link to reset, should arrive quickly. Make people wait too long and they may give up on the purchase altogether.
  • Consider sending one-time passwords to the user’s mobile. Where appropriate, this can be easier for users, as it avoids the need to log into email accounts and wait for reset emails.
  • Show a password hint. If users have selected hint text when creating an account, a quick reminder of this might be enough to avoid the password recovery process altogether.

In summary

Passwords (both creating and recovering) are also going to be a potential problem for retailers, simply because your customers will inevitably forget them from time to time.

The best approach is to reduce friction wherever possible, perhaps by removing the need for passwords where you can, and by making it as easy as possible for customers to create passwords, and designing a simple and fast recovery process when they need it.