- Having a sign-in in the first place
- Requiring sign-in too soon
- Not stating the benefits to registering
- Hiding the sign-in button
- Not making “Create a New Account” or “Forgot Your Password” a button or link
- Not providing sign-in opportunities at key locations
- Asking for too much information when registering
- Not telling users how you’ll use their information
- Not telling the users the requirements for username and password up front
- Requiring stricter password requirements than the NSA
- Using challenge questions they won’t remember in a year
- Not returning users to their desired objective
- Not explaining if it’s the username or password they got wrong
- Not putting a register link when the sign-in is in error
- Not giving the user a non-email solution to recover their password
- Requiring more than one element when recovering password
Source: 16 design mistakes for account sign-in.