Skip navigation EPAM

Confirm password bugs and the conversion rates that hate them


This post is part of series on the test IO blog about real bugs that our testers have found during test cycles. In each post, we explore the details of the issue, explain its impact, and discuss what software teams can do to avoid similar problems.

Formisimo, a forms analytics platform that measures visitors and what they do in online forms conducted a confirm password study. Their test showed that over a two month period, their confirm password field was responsible for over a quarter of all the people that abandoned their sign up process. When they removed the field their site conversion rate increased by 55%.

For our bug of the week we’ve decided to explore a password confirmation field bug that might make your user experience (UX) team rethink their sign-up flow.

Confirm password bug

While testing the registration process of an app, one of our testers found a critical bug when filling out the form. After completing the first password field, the confirm password field disappeared.

The bug was discovered on iPhone 5S, iOS 11.0 and was reproducible across operating systems. There was also no error messaging when the field disappeared. It was almost as if the form secretly loathed the confirm password field as much as users.

Lessons learned and best practices from test IO

What we can learn from this bug is the importance, not only of testing for functional bugs, but also the positive impact usability testing can have for the end user experience. In this case, it’s an opportunity to simplify the sign-up form.

It appears that making an entry in the password field accidentally caused the confirm password field to disappear, a step in the signup process that may not even be necessary. Big tech industry players like Facebook, Twitter, and Dropbox don’t have confirm password fields implemented when signing up. The ux movement article "Why the Confirm Password Field Must Die" looks at how sign up forms are one of the trickiest web pages to design.

In some cases the confirm password field can be meaningless. Formulate covers how double entry fields can be bypassed by copying and pasting, or automatic form-filling tools. These fields only ensure the two fields match, not that they contain valid information.

The best practice would be to give users the option to log in with their email address or social media accounts as many other companies have done. Kissmetrics offers some tips on increasing user sign up rates. If you must request that users fill out a form, ux movement suggests having an unmask password field so that users can see their password as they type to prevent any issues.

I admit that as an end user I’ve abandoned sign up forms because of lengthy and annoying processes. Some of which stem from the confirm password entry field.



Learn More About Test IO  

Our testing experts stand ready to address your most challenging QA initiatives. If you’re interested in becoming a freelance tester, click here