UX Patterns Guide
UI + UX Error Prevention And Recovery anti-pattern

Confirmation fatigue

Classify actions by reversibility, frequency, consequence, and recoverability; remove confirmations from routine recoverable actions, replace them with undo or feedback, and keep interruptive confirmation rare, specific, and consequence-bearing.

Open in lab Compare alternatives
Decision first

Choose this pattern when the problem matches

Use when

  • Use this anti-pattern entry to audit products that ask for confirmation on many routine actions or use identical prompts for different levels of risk.
  • Use it when a workflow needs a prompt inventory, confirmation suppression rules, and a decision about undo, warning text, prevention, or stronger review.

Avoid when

  • Do not use this entry to remove confirmation from permanent deletion, broad permission changes, external side effects, legal commitments, payments, production commands, or account closure without adding an equally strong safeguard.
  • Do not treat every confirmation as fatigue; a rare, specific, consequence-bearing prompt may be the correct pattern.

Problem it prevents

When products ask users to confirm too many routine actions, users learn that confirmations are meaningless friction. The prompt no longer creates attention when the consequence is genuinely destructive, costly, external, or hard to undo.

Pattern anatomy

What a strong implementation has to make clear

User need

A product uses modal confirmations, alert dialogs, browser confirms, action sheets, or extra OK prompts for many commands in the same workflow.

Pattern promise

Classify actions by reversibility, frequency, consequence, and recoverability; remove confirmations from routine recoverable actions, replace them with undo or feedback, and keep interruptive confirmation rare, specific, and consequence-bearing.

Required state

Prompt inventory state showing which actions are confirmed, how often they occur, and what consequence each confirmation prevents.

Recovery path

Users confirm permanent deletion automatically because earlier low-risk prompts trained the same OK response.

Access contract

Reducing unnecessary dialogs reduces focus disruption, but replacement feedback and undo controls must remain keyboard reachable and programmatically identifiable.

Quality bar

The difference between expert and weak execution

Strong implementation

Specific, visible, recoverable

  • Archiving a message completes immediately with Message archived and Undo, while permanently deleting a workspace opens a specific destructive confirmation.
  • A table separates Delete permanently from Archive and shows warning text near the dangerous command instead of confirming every row action.
  • A user archives ten low-risk notifications quickly, can undo the last archive, and still pauses when the only modal names permanent account deletion.
  • A team removes confirmations from reversible cleanup actions and tracks fewer automatic OK clicks on the remaining destructive prompts.
Weak implementation

Vague, hidden, hard to recover from

  • Every Save, Dismiss, Filter, Archive, and Close action opens the same Are you sure? modal with OK and Cancel.
  • A product asks for confirmation after the user already used a clear Delete permanently command, then asks again after the user typed the target name.
  • A user clicks OK through a production delete prompt because the last 30 prompts all looked identical and protected harmless actions.
  • A keyboard user must pass through a modal for every low-risk row action, slowing task completion without improving safety.
UI guidance
  • Do not present the same modal confirmation for routine, reversible, low-risk, or high-frequency actions; reserve interruptive confirmation for consequences that can reasonably change a user's decision.
  • Make the UI distinguish routine action feedback from genuine risk: use inline status, undo, warning text, disabled prevention, review, or clearer command placement instead of another generic Are you sure dialog.
UX guidance
  • Confirmation should reduce a specific mistake, not create a reflexive second click after every command.
  • Audit prompt frequency, dismissal rate, reversibility, and consequence severity so users are not trained to ignore the one confirmation that actually matters.
Implementation contract

What the implementation must handle

States

  • Prompt inventory state showing which actions are confirmed, how often they occur, and what consequence each confirmation prevents.
  • Routine reversible action state using status and undo instead of modal confirmation.
  • Meaningful confirmation state reserved for uncommon destructive, costly, external, permission, or security-sensitive actions.
  • Prompt suppression state where repeated low-risk confirmations are removed or replaced with less interruptive feedback.

Interaction

  • Each confirmation must have a documented risk, consequence, and reason it is better than undo, prevention, warning text, review, or clearer command placement.
  • The same user path should not show repeated confirmations for the same consequence unless the second step adds materially new information.
  • Routine recoverable actions should complete with clear feedback and recovery instead of blocking the action first.
  • Remaining confirmations must differ visually and textually by consequence, target, and final action label rather than using generic OK or Continue.

Accessibility

  • Reducing unnecessary dialogs reduces focus disruption, but replacement feedback and undo controls must remain keyboard reachable and programmatically identifiable.
  • Remaining high-risk confirmations need specific accessible names that include the action and target, not only Are you sure.
  • Avoid repeated modal focus traps for routine tasks because they increase keyboard effort without adding meaningful safety.
  • If undo replaces confirmation, announce the completed action and recovery availability without stealing focus unnecessarily.

Review

  • What specific mistake does this confirmation prevent?
  • How often will a user see this prompt in one normal task?
  • Can the exact prior state be restored with undo instead of blocking the action?
  • Does the prompt add new consequence information beyond the trigger label?
Interactive lab

Inspect the states before you copy the pattern

Keep confirmations rare and meaningful

Inspect prompt inventory, undo alternative, meaningful confirmation, suppression rule, escalation, specific copy, telemetry, and keyboard burden states; compare spam prompts, generic copy, double protection, false safety, post-commit prompt, severe prompt lost, prompt chain, and fast dismiss failures.

Confirmation fatigue
Interactive demo is ready

Launch the live UI/UX lab when you want to inspect states, keyboard behavior, and common failure modes.

State To Inspect

Prompt inventory state showing which actions are confirmed, how often they occur, and what consequence each confirmation prevents.

Keyboard / Access

Routine actions should keep keyboard focus in the working surface and report status rather than opening repeated modal traps.

Avoid Generating

Adding a confirmation after every user mistake without asking whether the mistake was reversible.
Evidence trail

Source-backed claims behind this guidance

Microsoft Windows UX Guide: Confirmations

Microsoft - checked

Microsoft confirmation guidance supports avoiding unnecessary confirmations and using undo, prevention, or feedback when they better fit routine actions.

Material Design: Snackbars

Google Material Design - checked

Material snackbar guidance supports post-action feedback with an Undo action as a less interruptive alternative.

Full agent/debug reference

Problem Context

  • A product uses modal confirmations, alert dialogs, browser confirms, action sheets, or extra OK prompts for many commands in the same workflow.
  • Many confirmed actions are frequent, reversible, local, low-risk, or already clear from the command label.
  • The same prompt style is used for harmless actions and severe actions, so users cannot tell which prompt deserves attention.
  • Teams may have added confirmations after incidents without checking whether undo, prevention, command placement, warning text, or review would target the real error better.

Selection Rules

  • Flag this anti-pattern when low-risk, reversible, or high-frequency actions repeatedly open modal confirmations.
  • Flag it when confirmation copy is identical across different consequences, such as Are you sure? or Continue? for both routine dismiss and permanent deletion.
  • Flag it when users see a second prompt after a stronger safeguard already proved intent, such as typed confirmation, high-impact review, or explicit destructive command wording.
  • Use confirmation dialog only when the dialog adds object, scope, consequence, or recovery-limit information that could reasonably make the user cancel.
  • Use destructive action confirmation when the action is a named destructive final commit with meaningful loss inventory.
  • Use typed confirmation only for severe wrong-target risk, not as an extra ritual after every delete.
  • Use undo when the action is frequent and the exact prior state can be restored before external effects occur.
  • Use warning text when users only need consequence copy before they start the risky action.
  • Use dangerous-action review when the issue is inspectable high-impact payload, evidence, side effects, or stale state rather than a yes-or-no confirmation.
  • Prefer prevention by better placement, disabled-state explanation, previews, dependency blocking, permissions, or safer defaults when those remove the mistake without a prompt.

Required States

  • Prompt inventory state showing which actions are confirmed, how often they occur, and what consequence each confirmation prevents.
  • Routine reversible action state using status and undo instead of modal confirmation.
  • Meaningful confirmation state reserved for uncommon destructive, costly, external, permission, or security-sensitive actions.
  • Prompt suppression state where repeated low-risk confirmations are removed or replaced with less interruptive feedback.
  • Escalation state where severe deletion, broad scope, or wrong-target risk routes to destructive or typed confirmation.
  • Copy specificity state where remaining prompts name object, scope, consequence, and safe outcome.
  • Habit signal state using telemetry or research such as very fast OK clicks, high dismissal rate, or repeated prompt chains.
  • Bad spam state where every Save, Close, Filter, Archive, Dismiss, or Navigate command asks Are you sure.
  • Bad double-protection state where confirmation, typed phrase, and undo all stack on the same low-risk action.
  • Bad false-safety state where prompts remain but the system cannot undo, prevent, or describe the real consequence.

Interaction Contract

  • Each confirmation must have a documented risk, consequence, and reason it is better than undo, prevention, warning text, review, or clearer command placement.
  • The same user path should not show repeated confirmations for the same consequence unless the second step adds materially new information.
  • Routine recoverable actions should complete with clear feedback and recovery instead of blocking the action first.
  • Remaining confirmations must differ visually and textually by consequence, target, and final action label rather than using generic OK or Continue.
  • Suppression rules should consider action frequency, reversibility, role, environment, object scope, and whether the user has already reviewed the consequence.
  • When a prompt is removed, the replacement recovery or prevention path must be visible, keyboard reachable, and honest about what can be restored.
  • Analytics, usability testing, support reports, and incident reviews should be used to check whether confirmations are read or merely dismissed.

Implementation Checklist

  • Inventory all confirmation prompts in the workflow and tag each by action, frequency, reversibility, external effects, consequence severity, and existing recovery.
  • Remove modal confirmation from routine save, close, filter, dismiss, archive, hide, reorder, and delete-to-trash actions when undo or status feedback is sufficient.
  • Replace low-risk confirmations with object-specific feedback, undo, restore, inline validation, disabled explanation, preview, or better command grouping.
  • Keep or add confirmation only where object, count, scope, cost, permission, external recipient, recovery limit, or legal consequence can be shown before commitment.
  • Use destructive action confirmation, typed confirmation, dangerous-action review, or human approval gate only when their stronger contract matches the consequence.
  • Write remaining prompt copy with the affected object, consequence, safe action, and final action; avoid OK, Yes, No, Continue, and repeated Are you sure wording.
  • Measure fast dismissals, prompt chains, repeated confirmations per task, cancellation rate, undo use, support incidents, and whether users can recall what they confirmed.
  • Test keyboard and screen-reader flow for both removed prompts and remaining prompts so fewer dialogs do not hide recovery from non-pointer users.

Common Generated-UI Mistakes

  • Adding a confirmation after every user mistake without asking whether the mistake was reversible.
  • Using one generic confirmation component for every action from closing a panel to deleting a workspace.
  • Stacking warning text, confirmation dialog, typed confirmation, and undo for a low-risk action.
  • Keeping prompts because they feel safer even though users dismiss them unread.
  • Removing prompts without adding the undo, restore, status, or prevention path that made removal safe.
  • Treating cancellation rate alone as proof that a prompt is useful without checking task interruption and habituation.

Critique Questions

  • What specific mistake does this confirmation prevent?
  • How often will a user see this prompt in one normal task?
  • Can the exact prior state be restored with undo instead of blocking the action?
  • Does the prompt add new consequence information beyond the trigger label?
  • Are severe prompts visually and textually distinguishable from routine prompts?
  • Are users clicking through so fast that they probably are not reading?
  • Can the risk be reduced by command placement, disabled explanations, previews, or safer defaults instead of confirmation?
Accessibility
  • Reducing unnecessary dialogs reduces focus disruption, but replacement feedback and undo controls must remain keyboard reachable and programmatically identifiable.
  • Remaining high-risk confirmations need specific accessible names that include the action and target, not only Are you sure.
  • Avoid repeated modal focus traps for routine tasks because they increase keyboard effort without adding meaningful safety.
  • If undo replaces confirmation, announce the completed action and recovery availability without stealing focus unnecessarily.
  • If warning text replaces confirmation, keep the warning in reading order before the risky action and make warning meaning independent of color.
  • If dangerous review or typed confirmation remains, expose scope, consequence, and required input through labels and descriptions.
Keyboard Behavior
  • Routine actions should keep keyboard focus in the working surface and report status rather than opening repeated modal traps.
  • Undo or restore controls that replace confirmations must be reachable through Tab or a documented command path.
  • Remaining confirmations must trap focus only while the high-risk decision is active and return focus after cancel or completion.
  • Escape should cancel pre-commit confirmations where cancellation is safe, but it should not become a required extra step for low-risk actions.
  • Prompt suppression should not remove the only keyboard-visible route to recover from a completed action.
  • If a severe prompt remains, initial focus should support safe review rather than accidental confirm-through.
Variants
  • Are you sure spam
  • Routine confirmation overload
  • Generic OK confirmation
  • Double confirmation chain
  • Confirmation after typed confirmation
  • Undo plus confirmation overprotection
  • Prompt habituation
  • False-safety confirmation

Verification

Last verified: