It’s bad enough the criteria for a password are kept secret, only shown after I’ve tried to enter something.
But it’s worse when the criteria are so complex for no good reason.
This site asks for:
- 7 characters
- And 3 of the following:
- and special character
If only 3 are needed, they should drop one requirement, eliminating a choice the user has to make.
At minimum, the UI should offer me a unique autogenerated password that meets the criteria that I can use if I wish.