This is a small suggestion for a Pareto improvement in the design of web interfaces.
If you’re building a web app you probably already have a flash notice if I type some illegal characters in registering my password. You can very cheaply pass that same text to a notice any time I enter a wrong password.
ubuntuforums.org flash a notice like “Remember that capitalisation matters!” or “Make sure your caps lock is off!” But what I really need to know is if the special characters in my regular password are allowed by your site way back when I registered, and if I would have had to use the short, medium, or long password.
Thanks in advance, if you do this. And if you think there’s some downside to my suggestion, I’m all ears. (er, eyes)