According to Baymard’s research, strict password rules can cause an 18.75% checkout abandonment rate among existing account users as they try to sign in.

The real problem arises when trying to sign in. If they got forced to create a more complex password and could not use the password they usually use, they’re having difficulty remembering it. And this leads to abandonment, especially if they need to reset their password via email.

A low password requirement could, for example, be to set it to have a minimum of 5 or 6 lowercase characters. But encourage them to use a more secure password.

If you lower the requirements, you should compensate for the lower security by implementing:

• login attempt limitations
• forcing the user to re-enter their credit card information if the address is new or edited

It is also recommended to mention the password requirements next to or below the password field.