Suppose you have a password field as part of a user signup flow. Passwords typically have length requirements or capital letter requirements. You can save a lot of user frustration if you communicate what those are before users type anything into those inputs.
My favorite with passwords is when there is a max length (yes, max, like, you can’t more than this number of characters in it). If you use a password manager that lets you easily generate passwords with a hundred characters, you might be tempted to with a password that long. You put it into the form and then boom, you get an error from the server.
You can also be consistent in calling something an error. I’ve had password fields at signup accept a 100 character password, but then I couldn’t use that same password when logging in. The sites sometimes just truncate, taking, say, the first 32 characters of a password. So when you submit the full 100 after, it doesn’t match what they used when you register.
A simple, upfront, “Hi, passwords can’t be longer than 32 characters, so you may want to bank with one of our competitors,” would be a nice touch.
In this particular case, it might speak to not having the same team handle authentication and registration. It’s easy for requirements like that to get lost across handoffs.
