|
|
|
|
|
|
by etler
4707 days ago
|
|
|
I think one part of this is dispelling the myth that telling the user which of the fields is wrong is a security flaw. You can already figure out if a username exists by trying to create it on the registration screen, so saying "Your username and password do not match" does not provide any extra security, and just frustrates users. |
|
|