Thank-you, American Express, for removing one of the little annoyances of online commerce. During login, the company warns users when they’ve typed more than the maximum eight characters allowed in the password field. The login page suddenly becomes grayed out and the error message appears on the right (see screenshot below).

It would be interesting to see what this small change saved in reduced password resets and customer service calls.

Bottom line: If you have unique password requirements, such as special characters, consider telling customers during login if their password is invalid for that reason. Sure, it makes it slightly easier for crooks to guess, but mostly you’ll just have a bunch of slightly-less-annoyed customers.

American Express log-in message when attempting to use a password that doesn’t fit the company’s requirements (15 April 2009)