Good design is invisible: towards a banal but beautiful password reset

“If you remember the shape of your spoon at lunch, it has to be the wrong shape. The spoon and the letter are tools; one to take food from the bowl, the other to take information off the page … When it is a good design, the reader has to feel comfortable because the letter is both banal and beautiful.” — Adrian Frutiger, typeface designer

Do you remember the last time you reset your password? Probably not, right? For some processes, being unmemorable is a sign of good design. Password reset isn't a feature you want to remember, because if it is, it was probably painful.

Designers and engineers are power users

With a project as big as Portal, it's not surprising that sometimes we find areas that aren't very easy to use anymore. With an ever-expanding list of features, it's easy to get distracted by making new and shiny things and forget about the older, more simple features. But eventually, the boring, fundamental things will make themselves known, whether we like it or not.

At Equiem, it's easy for us to get a sense of what's going wrong or needs updating/maintaining by just being around people in head office. Our product engineering team is based in the same office as our content managers and strategists, our store management team, our client services representatives, our operations team and our support team, so we get a lot of feedback from just being physically here.

This is awesome, but it’s also a trap for young players: everyone in head office, despite our diversity, is technically a power user, and that means that we often fail to see usability issues at the less sophisticated end of the spectrum - things that are perhaps boring, but often extremely fundamental to the usability of the product. Basically, we're at a point where we can't remember what it's like to not be a power user, and that’s dangerous.


Product support: UX's best friend

It's no surprise then that our product support team are often sitting on a goldmine of usability issues that we just can't casually stumble across anymore.

The two way relationship between product and support is invaluable. Support needs to know about the new shiny things we’re building, and product needs to know about the bits our users are struggling with.

But getting that relationship right - who needs to know what, and how much about that thing - is tricky. And in a lot of ways, UX sits in between support and engineering, and can help make things better.


Buggy or badly designed?

We were hearing that some of our users were reporting the password reset process as broken. So when we first tried to solve this problem, we came at it as if there was a bug in the code. Reports would come in, we'd test it, confirm that it wasn't buggy, and move on.

Eventually it became clear that something was up. We were verifying it wasn’t buggy, but complaints still kept rolling in. We decided to watch a user try to reset their password and do a benchmarking usability test. It became clear that this wasn't a buggy code issue - this was definitely a usability issue. Knowing that, it was clear that the work to be done was UX design work, not bug fixing in the codebase.

So we started from scratch and printed off every screen that was involved in resetting your password - and we scrutinised them. Are these words right? Is this bit confusing? Is the flow correct? Can someone with no knowledge of the system understand it? Does the user feel good afterwards?

We started with a “back to basics” approach for understanding what our users needs were in this misleadingly simple process. And what we found was that our process was violating some key usability heuristics, specifically:

  • Visibility of system status - The system should always keep users informed about what is going on, through appropriate feedback within reasonable time. Our users weren’t getting emails fast enough and it wasn’t really clear that they needed to check their emails to move forward with the process.
  • Consistency and standards - Users should not have to wonder whether different words, situations, or actions mean the same thing. Follow platform conventions.Our form design was confusing to our users. We weren’t making it clear enough what things were required and what each field was for.
  • Error prevention - Even better than good error messages is a careful design which prevents a problem from occurring in the first place. Either eliminate error-prone conditions or check for them and present users with a confirmation option before they commit to the action.Our password policy was presented in a way that was confusing and included way too much unnecessary information for the task at hand.
  • Aesthetic and minimalist design - Dialogues should not contain information which is irrelevant or rarely needed. Every extra unit of information in a dialogue competes with the relevant units of information and diminishes their relative visibility.The process of resetting your password was mainly handled at a screen that was also used for other things - the My Account page. It was too easy for users to get confused by stuff that didn’t help them reset their password at all.

Small feature, big impact

This might seem like overkill for such a small thing that is present in almost every online system. In fact, this functionality comes built in by default in Drupal - so it’s easy to ignore and leave it as is.

But password reset is a gate - if you can’t reset your password, you can’t get into the Portal. That’s important, because If someone else resets your password maliciously, they shouldn’t be able to log in to your account! This is a common tradeoff between security and usability - something we need to navigate carefully in an enterprise product.

But if you lose or forget your password and you can’t get back in easily, we’ve lost your trust. We’ve made it hard for you to use the product, and in a busy commercial office environment where our users all have other jobs to be doing, they’re not going to work very hard to solve that problem - they’re just going to leave forever.

Making our password reset process easy, fast and friendly took time, but it was worth it - password management in the office ecosystem is frustrating and difficult at the best of times.

With the help of some copywriting, some human illustrative elements and some performance polishing, we have been able to make something usable - perhaps even delightful. But most importantly, we’ve made something unmemorable - so good that you don’t even remember doing it.

“I don’t really understand what the point of that was…”
- A user testing the new password reset process



Never miss an update, subscribe to IQ monthly below:

Product Updates

Product Updates

Product Updates

Engagement Campaigns

Product Updates

Company News

Case Studies

Case Studies

Product Updates

Latest Events