The ridiculous password requirements need to stop. I will never remember my 20+ character password.
Twitch requires the most insane password strength I've ever seen. I've had accounts with banks, insurers, court systems and other state/federal government websites, and yours is the only one I will never remember. You're a streaming site. It's not like you're handing out nukes.
Literally all I (and millions of others) want to do is watch streamers and comment occasionally. If the security is this high for streamers, who have jobs and contracts surrounding twitch, then fine. But I think you'd make a lot of people happy by making two separate account types, with different levels of security measures. One for users who will stream, and ones for viewers that will never stream. The latter will be thankful you've made the change, I'm nowhere near the first person to complain, and it's a very stupid reason to lose viewers/users/potential paying customers etc.
This is bloody stupid and in fact discriminates against people with a learning dissability
This annoyed the hell out of me, I've forgot my password and changed it for 3 times now.
What the hell they're thinking? 2FA is enough. If they're worried so much about Partners being hacked, at least create options for Partners to torture themselves remembering their password, but for casual people, this is too much, they want everyone to have *&%)*@*@$! in their password, so damn stupid.
Most viewers don't even bother to put a profile picture on their account, who gives a sh*t.
You need to pull the password requirements WAY back. I am not going to try to remember or type a ******** 20 character triple encrypted cypher every time I log into this plague on under 15 year old garbage website that literally ONLY streams videos. What in the **** are they going to steal?
Ive tried multiple times making a password for myself that’s not too easy to forget but they are being super controlling and not allowing people to create accounts because of this... the 2 step verification should be enough protection. They need to fix this issue.. passwords are not this insane!
I have never come across a site with such unrealistic, arbitrary, and unreasonable rules for creating a password for your account. this is a tiny thing. but very frustrating.
Yep completely agree with this, trying to change my password but the requirements are ridiculous.
The password requirements are way too much. To your point, I also have a less complex password for my bank account than I do for twitch. Twitch should not decide how complex my password needs to be, that should be me.
Let people make their own decisions. I don't need an overly complex password that I am going to have to look up now everytime I try to log in.
I posted a similar comment in the Password Reset section, and there is an additional one in the Signup section.
Please lower the complexity of the password requirements. Stop trying to micromanage people's ability to log in.
I just wrote a suggestion in the "Password Reset" section myself, not seeing this one here in sign up.
I have easier passwords with much more important things in my life than Twitch. This level of complexity is insane. Let the users make their passwords. Don't try to micromanage a person's ability to log in. Not to mention the fail safes of security codes and email verifications that pop up too.
My suggestion? Chill out on your password requirements.
Currently, the requirements are ridiculously high and very finnicky. I typed a random password of "edited!" as a test of desperation after attempting for 15 minutes trying to decide, and it says the password is weak. I have an easier password with my bank account than I do with twitch.
I typed a bunch of random passwords to test, and found that this just seemed sporadic and overly complicated. Here are another 2 that I typed in comedically --- "edited!" and "edited!" are both considered weak.
I WORK IN TECH. This is ridiculous, and I wouldn't even want to log in to twitch if it wasn't for the fact I typed this up and I need to log in to complain about it.
Your updated password requirements are obtuse and the strong password page does not give clear indications on what an acceptable password would be other than just accepting what random password a browser or password manager offers and then changing it again when you change devices or can't carry that password with you. This doesn't make an account more secure as then you need to write that down then you have a physical copy to compromise your account if you are in a shared living space.
My password was fine, you forced me to change it, my account was never compromised simply because of MFA. As others have said, take these requirements and shove them. Let us be as secure as we want, but that means expanding MFA, you know, proper investment into the platform.
THIS!!! 100% I had a 1600+ character expletive filled comment ready to send. Calmness got the better of me. Fix your password bullsh1t. I can tell you my current password doesn't meet your requirements and I want to make it slightly more difficult but until you let me make it what I WANT I'll just leave it ****** and compromised. :) No reason p1ssing people off when they also have 2FA enabled.
Stop making us use random letters and numbers and characters to "protect" our accounts. BE NORMAL AND NOT STUPID. You're just ******* people off and pushing them away from your platform while hackers still get in fine.
Really nice not being able to use any of the passwords I've tried creating for this site. I followed the guidelines you presented, but each time it told me my password was too easy to guess and wouldn't let me use it. I could understand if it didn't land under the requirements such as minimum characters, at least 1 special, number, and uppercase character, but it met those. It's unclear if dictionary words are allowed because you say not to use them, but you offer LastPass or 1Password as examples. Those aren't accepted by the way.
Please fix this stupid ****.
I'm resetting my password, and entering 40 characters randomly selected from a more than 200 characters long string of letters, numbers, signs and old norse runes.
The response? Unacceptable! This is too easy to guess!
you should use a pw manager either way.
know what i did? I just entered a whole fucking sentence. A sentence which has something to do with ranting.....
"i agree". Your user management team clearly doing "stuff" and it's nice(?) that i had to link accounts with this "uservoice" service just to even make this comment.
Thus, your super tactical security ninjas know that even NIST is moving away from baroque password complexity rules: https://www.schneier.com/blog/archives/2017/10/changes_in_pass.html
(yes, i'm a bit salty in this comment, but i just spent 15 minutes trying to set a password which i have no doubt i'll have to reset next time i have to log into twitch. )