Description When creating an Apple ID via the web form, if the user’s chosen password contains their own name, the server correctly returns an error (e.g., "Password cannot contain your name") in the PUT request's JSON response. However, this error is not shown on the frontend, leaving users unaware of why the form silently fails or stalls.
Steps to Reproduce Go to the Apple ID account creation page (https://appleid.apple.com/account).
Enter valid account details where the password includes the user's first or last name (e.g., Johnacb2331!l for a user named John Doe).
Complete all fields, including phone number verification and captcha.
Submit the form and monitor the Network tab in your browser’s DevTools.
Observe that the form appears to hang, loop, or silently fail.
Open the PUT request to /account — the response JSON will contain the relevant validation error (e.g., “Password cannot contain your name”), but the user is not shown this.
Expected Behavior The password validation error (e.g., containing the user’s name) should be immediately displayed in the UI next to the password field to inform the user and allow for correction.
Actual Behavior No error is shown in the UI. The form appears to fail silently, leaving the user confused. The actual reason for failure is only visible through browser developer tools in the PUT response payload.
Impact This can lead to:
User frustration and confusion
Increased support overhead
Poor UX in a critical flow (account creation)
Environment Browser: chrome 136.0.7103.114
Platform: Web (https://appleid.apple.com)
Date observed: 31/5/25
Suggested Fix Ensure that password validation messages from backend responses surface in the frontend, especially for common user input issues like including names in passwords.
No screenshots as I can not create a new account