During one of my daily readings I stumbled across a usability study that highlighted the difficulty users had with so many websites – the issue being how difficult it was to create passwords that fit the parameters of whatever the website or web application had established for itself. Ever come across a registration page and tried to use a password only to have a full page post-back and a terse message telling you that you FAILED with only a single reason for your utter incompetence for creating a password?! You missed a symbol, you must use a symbol! Try again. Now you missed an upper case character, nice try, try again! My favorite is when you get a failure notice, and no reason why your password has not met the lofty standards of the registration page. Well, let’s try to put a stop to that. There has to be a better way. How about we get a list of password requirements ahead of time and show them to the user so he knows how to form his passwords? Check! How about we also give the user direct immediate feedback when each specific rule has been fulfilled? Nice!
So I decided to write this little library to help ease creating passwords. Introducing Passenger JS! It’s small (only 4K non-gzipped), easy to implement, has no dependencies (pure vanilla JS), and gives you the flexibility to handle the users’ action however you see fit. I wanted to make sure to handle the main usability issues with password generation, but leave enough flexibility to allow developers to deal with their own use cases as they saw fit. One common use case would be to disallow form submission if the user has not entered a password that meets your criteria. Easy enough. No post-backs, no hazy iterative revelation of an unknown set of rules.
Check out the Github repo here, and shoot me your feedback for how Passenger JS can be improved further. I’d love to hear them. Let’s together end the frustration users feel when trying to generate passwords.