The Final Word On Passwords, Part 13

A client is calling because her online account is locked and she needs to reset the password. Like most password reset pages, the user is required to enter their new password once and then enter it into a second box below to confirm that the password is correct. I send her the password reset link and go over the requirements for setting up the new password.

This particular call has already taken twenty minutes and she has finally reached the password reset page.

Me: “Now that we’re here, go ahead and change the password.”

Caller: “It’s saying that the passwords don’t match!”

Me: “Okay, please click the ‘show password’ button so you can see where the passwords don’t match.”

Caller: “I did, but they’re the same!”

Me: “Did you possibly capitalize a letter in one that you didn’t in the other? The system is very case-sensitive.”

Caller: “No, the passwords match!”

Me: “Okay then, please clear out the password boxes and re-enter your password again.”

This goes on for another ten minutes with the caller repeating that the passwords match, and I give her the same instructions to clear the password boxes each time. She becomes more flustered each time. Then, this finally happens.

Caller: “Now the system is saying that the password can’t exceed thirty-two characters!”

Me: “Thirty-two char— Wait, have you been putting in all these passwords in the boxes without clearing them first?”

A brief pause.

Caller: “I promise I’m not stupid!”

Related:

The Final Word On Passwords, Part 12
The Final Word On Passwords, Part 11
The Final Word On Passwords, Part 10
The Final Word On Passwords, Part 9
The Final Word On Passwords, Part 8