The current login failure warning messages are too vague, displaying the same generic error regardless of the issue. It would be beneficial if the error message provided more specific information to help users identify what went wrong and how to resolve it.
For example, instead of a single generic message, the system could differentiate between various login issues:
If the username is incorrect: the message could say, "Invalid username" or "This email is not registered."
If the password is incorrect: the message could say, "Password is incorrect."
If the account is not activated: the message could say, "User registered but not activated."
This improvement would provide clarity to users, help them understand the error and act accordingly, and assist the login troubleshooting process. It could also include a relevant help guide link to assist users in resolving the issue.
Hey - Unfortunately this is something we will not be implementing due to security concerns. Returning a message like "Password is invalid" means that a malicious user could keep trying random email addresses and when they see the "Password is invalid" message, they'd know they had found a legitimate username.
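
The behaviour the reply describes, sketched as an added example (not part of the original thread and not the product's own code): every failed login returns the same message, and the specific reason is recorded only server-side. The account data, the `login` function, the audit list and the PBKDF2 parameters are assumptions made for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 50_000  # assumption: kept low so the example runs quickly
GENERIC_ERROR = "Invalid email or password."

def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

def make_user(password: str, active: bool) -> dict:
    salt = os.urandom(16)
    return {"salt": salt, "hash": hash_password(password, salt), "active": active}

# Constructed sample accounts (hypothetical data).
USERS = {
    "alice@example.com": make_user("correct horse", active=True),
    "bob@example.com": make_user("battery staple", active=False),
}
# Dummy record: unknown emails go through the same hashing work as known
# ones, so response time does not reveal whether the account exists.
DUMMY = make_user(os.urandom(16).hex(), active=False)

def login(email: str, password: str, audit: list) -> tuple:
    """Return (ok, message). All failure paths share one message."""
    user = USERS.get(email)
    record = user or DUMMY
    password_ok = hmac.compare_digest(
        hash_password(password, record["salt"]), record["hash"]
    )
    if user is None:
        reason = "unknown_email"
    elif not password_ok:
        reason = "wrong_password"
    elif not user["active"]:
        reason = "not_activated"
    else:
        audit.append((email, "success"))
        return True, "Logged in."
    # The specific reason is kept for support staff and detection only.
    audit.append((email, reason))
    return False, GENERIC_ERROR
```

The audit entries give support staff the detail the request asks for without exposing it in the login response.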