First, while registering, the "create a password validator" gives incorrect error information. I can only assume that I provided extra "invalid" characters in the password, yet it still complained that it must contain at least one "special" or one numeric character, of which I had both. Perhaps that was exclusive?
The site uses standard HTTP authentication which is somewhat unheard of these days. That means that regularly, the "try again" link it provided when the user inputs incorrect data fails in its implementation because the browser is caching the incorrect log-in data, and most users won't know how to reset this. By default, it's a bit of a nuisance to clear, too.