Should you use “Confirm Password” on your forms?: A Case Study

A real world example of improving conversion rate by removing the confirm password field

‍

We achieved a 56.3% increase in form conversions by removing “Confirm Password” while not negatively affecting the password reset rate.

Should you force a user to confirm a password when they complete your form? Those in the “YES” camp argue that it cuts out unnecessary calls to customer support when the user has mistyped and subsequently mis-entered their password. From the “NO” side, the contention is the requirement introduces unnecessary friction into the form so reduces conversion rates. The “NO” gang further argue that users generally copy and paste their password to confirm anyway so asking them to confirm will make no difference whatsoever to the volume of incorrectly entered passwords. Besides, there is always a “Forgotten Password” option as a last resort. Nevertheless, password-protected forms remain common in various publications, such as digital flipbooks, interactive presentations, blogs, reports, and many more.

There are strong opinions on this topic so we thought we would help inform the debate by resurfacing one of our previous pieces of research on the topic. It comes from the days when our form analytics software was known as Formisimo rather than Zuko (hence the different branding) and is based on our sign-up form.

At first glance, the Formisimo registration form looked pretty straightforward:

‍

We did notice, however, that over a quarter of abandonments were on the “Confirm Password” field. While this wasn’t the worst field for abandonments (many abandoned after only focusing on the first “Name” field), it did ring alarm bells - if users had gotten that far, why not complete the form?

So, to live our test, learn and refine, mantra we decided to trial some changes. We had only used a “Confirm Password” feature out of a nebulous sense that it was best practice to do so. We had no firm data-backed hypothesis to include it in the first place.

For full disclosure, we did make a few other changes at the same time:

• Removing the number “1” in the top left, as it implied there were multiple sign up steps, which there were not. The next page (i.e. Page “2”) was the confirmation page.
• Changing the text at the top to the more action oriented “Start tracking your forms”. 
• Altering the colour of the call to action button to a brighter orange variant.

‍

Now, we know the professional A/B testers among you will be screaming at us that we should have only made one change at a time to be certain of the conclusions. You are right, but that is the way it was done at the time and we can’t go back and change it now.

The results of the test were:

• 14.3% more visitors started the form after arriving at the page
• A 35.5% increase in the proportion of those who started the form completing it
• A 23.9% decrease in the number of corrections made in the form
• A 56.3% increase in overall conversions
• The password reset request per user remained steady at 10%

This test was, overall, clearly a success for us. Removing the requirement to confirm the password reduced unnecessary friction in the form and had no negative effect on overall experience regarding remembering passwords.

Needless to say, we have never gone back to confirming passwords in our forms and we likely never will.

For more form advice, tips and best practice check out our Big Guide to Form Optimization.