BlobFisk - 9:28 am on Aug 31, 2007 (gmt 0)

I'm having an interesting discussion (read: argument!) here about the number of password fields to use so I thought that I'd get some more opinions.

We have a feature where users can enter login credentials for systems (for example a username and a password is entered for a server which is stored on our system). I am saying that there should be 2 password input fields to trap users mistyping the password, the other side of the argument is that there should only be one. The user can then test what they have done and see if it works (our system allows users to test the credentials by trying to log into the target system).

I say that this is extra work and surely it's easier to make sure that the user has entered the correct password by making them enter it twice.

Which side of the argument are you? Why?