Confirm password when signing up

Just got this email from a user today:

One suggestion, to avoid typos when entering the new pwd, perhaps you should use either a duplicate field for them to enter their new pwd, or force them to log in after they enter their new pwd .

Most systems ask for password confirmation when signing up. What were the reasons why Discourse chose not to? Can this be made optional?

Discourse forces every user to have an email address and allows a pretty painless password reset, so having a typo in the password isn’t really a problem.


Typo in email is actually a much bigger problem…

1 Like

Since you can now edit email after signup in the confirm dialog this is definitively covered.