UX design principles

How to use this

UX design principles are most useful as a working checklist. Walk a product through the twelve principles below and you'll surface most of the operational problems an audit would find. Walk a design through them before shipping and you'll catch the failures usability testing would catch a sprint later. The principles are not abstract; each one shows up as a behaviour during testing and as a category of finding during audits.

For each principle below, four operational sections: what the principle actually means in practice; a real-world example of it done well; a failure example; how it shows up in audits and usability tests. The detailed audit reference sits in the UX audit hub; the research-side detail is in UX research methods.

01 · Clarity

What it means. Every screen tells the user what it is, what they can do, and what will happen if they act. Headings honest. Labels meaningful. Copy in plain language. No jargon that's not explained. No interactions that require the user to guess.

Done well. Stripe's checkout. Each screen names what step you're on, what's being asked, and what happens next. Clarity is a feature of the visible surface and the underlying flow.

Failed. A SaaS dashboard where the primary CTA is labelled "Continue" with no context on what that continues to. The user hesitates, guesses, sometimes clicks back to check. Each guess is a clarity failure.

In audits. Clarity findings cluster around weak headings, ambiguous CTAs, jargon-heavy copy, and unlabelled iconography. The audit checklist covers the working clarity checks.

In usability testing. Hesitation before action. Participants pausing to read or re-read. Verbal cues like "I'm not sure what this does". Mid-task questions ("does that mean...?").

02 · Consistency

What it means. Patterns repeat. Equivalent actions use equivalent components. Equivalent states look equivalent. Users don't have to re-learn how to interact every time they move to a new part of the product.

Done well. A mature design system applied consistently across the product. Every "save" works the same way. Every error state has the same shape. Every nav element behaves the same. The system carries the consistency rather than designer discipline alone.

Failed. A product where one form uses inline validation, another uses on-submit validation, and a third uses tooltips. Users can't build a mental model that survives moving between flows.

In audits. Consistency findings cluster around component drift (the same thing implemented two ways), interaction pattern drift (the same action behaving differently), and visual drift (similar-looking components meaning different things). Often correlates with design system maturity.

In usability testing. Mid-flow confusion when patterns shift. "Wait, this isn't how it worked on the other screen." Disproportionate friction at the boundary between sections owned by different teams.

03 · Feedback

What it means. The system tells the user what's happening at every state change. Loading shown. Success confirmed. Errors named. Background processes visible. Users always know whether their action has been received and what the system is doing.

Done well. A file upload that shows progress, success, and the resulting file in the destination. The user never has to wonder whether the upload worked.

Failed. A form that submits with no acknowledgement, no loading state, and no confirmation. Users click submit again, sometimes producing duplicate submissions. The lack of feedback creates the second failure.

In audits. Feedback findings cluster around missing loading states, missing success confirmations, missing error states, and operations that happen invisibly. Maps directly to Nielsen's first heuristic (visibility of system status).

In usability testing. Repeated clicks on submitted buttons. Verbal cues like "did it work?". Participants leaving a screen too early because they think nothing's happening.

04 · Hierarchy

What it means. What matters most looks most important. Primary actions visually dominant. Secondary actions visually subordinate. Information arranged so the user's eye lands where the team's intent leads. Type sizes, weights, spacing and colour all serving the hierarchy.

Done well. A pricing page where the recommended plan is clearly visually elevated, the comparison points are scannable in a single pass, and the CTA is unambiguous. The hierarchy is doing the work.

Failed. A dashboard where every metric, button and link sits at roughly equal visual weight. Users can't tell what matters. The page reads as a wall.

In audits. Hierarchy findings cluster around weak primary-CTA distinction, undifferentiated type scales, equal-weight competing actions, and pages with no clear visual lead. Often the easiest audit category to fix because the issues are in the visual layer.

In usability testing. First-click testing reveals it sharply — when participants don't click the intended primary action, hierarchy is failing. Also shows up in time-on-task and verbal "I'm not sure where to start" cues.

05 · Accessibility

What it means. The product works for users with disabilities and assistive technology. Contrast meets WCAG 2.2 AA. Focus indicators visible. Keyboard navigable. Semantic structure correct. Alt text where needed. Target sizes adequate. The WCAG floor is a legal and ethical baseline; aspirational AAA goes further.

Done well. A government service like GOV.UK that meets WCAG 2.2 AA across the user journey, with documented accessibility statements and ongoing testing.

Failed. A modern marketing site with 2:1 text contrast on hero copy, no visible focus indicators, and small custom dropdowns that don't work with screen readers. Looks polished; excludes a significant share of users.

In audits. Accessibility findings are the most enforceable category — they map directly to WCAG criteria with measurable thresholds. The contrast checker and focus state checker tools cover the working baseline. Severity is typically straightforward to score.

In usability testing. Run sessions with users of assistive technology. Issues surface immediately and are usually severe. Even in standard sessions, accessibility issues show up as task abandonment when users can't see what they need to.

06 · Trust

What it means. The user has reasons to trust the product at the moments where trust matters. Visual polish appropriate to category. Security cues near payment. Honest copy. Clear privacy posture. No dark patterns. AI-powered features surface uncertainty rather than hiding it.

Done well. A checkout flow that surfaces card security cues at the moment of payment, names the company billing the card, and confirms the order with a transaction reference the user can save.

Failed. A finance app whose visual design feels rushed, whose copy is filled with marketing puff, and whose privacy disclosures are buried behind three links. Even if the underlying service is sound, the trust signals fail.

In audits. Trust findings cluster around weak security cues at payment moments, alarm-bell visual patterns (stock photos, fake testimonials, exaggerated claims), hidden disclosure, and AI features that present output without indicating uncertainty.

In usability testing. Participants articulate trust hesitation directly — "I'm not sure I'd give them my card", "this doesn't feel like a real company", "I'd want to check this somewhere else first". Trust failures sometimes don't appear in behavioural data but emerge in qualitative readouts.

07 · User control

What it means. Users can undo, exit, change their mind. Actions reversible where possible. Confirmation for destructive actions. Auto-save where relevant. No forced flows that trap the user in a sequence they can't escape.

Done well. Gmail's "undo send" window. The user is in control of the action for a brief grace period. Hundreds of small embarrassments avoided per year.

Failed. A signup flow that requires payment details on step two with no clear way back to step one without losing entered data. Or a "delete" action with no confirmation and no recovery path.

In audits. User-control findings cluster around irreversible destructive actions without confirmation, forced flows without escape paths, missing back navigation, missing undo, and auto-actions that surprise the user.

In usability testing. Participants making mistakes and asking "how do I get back to..." or "I think I just deleted something I needed". The frustration in these moments is often disproportionate to the underlying error.

08 · Error prevention

What it means. The system makes errors hard to make in the first place. Default values sensible. Constraints surfaced before action (greyed-out invalid options rather than error messages after submission). Input validated inline. Destructive actions confirmed. Format expectations communicated before entry.

Done well. A calendar invite that defaults to a sensible meeting length, prevents end-time-before-start-time, and warns about conflicts before sending.

Failed. A form that accepts any input, validates only on submit, and returns the user to a fresh page with errors at the top and entered data lost. Multiple errors at once compound the failure.

In audits. Error-prevention findings cluster around missing input validation, missing constraints, missing confirmation on destructive actions, missing format hints, and defaults that don't match common cases. Often correlates with form completion rate metrics.

In usability testing. Participants making predictable errors that better defaults or earlier constraints would have prevented. "Why did it let me do that?" is the diagnostic cue.

09 · Error recovery

What it means. When errors happen, the system helps the user recover. Errors named specifically (not "something went wrong"). Cause explained. Path forward suggested. Entered data preserved. The recovery experience is as designed as the happy path.

Done well. A form that, on validation failure, highlights only the affected field, explains what's wrong in plain language, suggests the correct format, and keeps everything else the user entered.

Failed. A login error that says only "Invalid credentials" without specifying which field is wrong, doesn't preserve the username, and provides no path to recover the password.

In audits. Error-recovery findings cluster around generic error messages, full-page errors when partial would suffice, data loss on error, missing recovery paths, and errors that re-occur because the cause wasn't communicated.

In usability testing. Participants getting stuck after errors, sometimes giving up entirely. Repeated attempts to do the same thing that just failed. Verbal cues like "I don't know what it wants from me".

10 · Progressive disclosure

What it means. Show what's needed when it's needed; hide what's not. Optional fields hidden behind "more options". Advanced settings tucked behind a clearly labelled link. Help text revealed on demand. The default view kept simple; depth available for users who need it.

Done well. A booking flow that asks only for essentials on the first screen and reveals add-ons, preferences and special-request fields only after the core booking is selected. Most users complete the simple version; advanced users find the depth.

Failed. A signup form with 30 fields all visible at once, mixing required and optional, with no signal of which the user can skip. The complexity drives abandonment before the user even tries.

In audits. Progressive-disclosure findings cluster around overwhelming first screens, unfiltered settings pages, hidden essential information (the opposite failure), and unclear "more options" affordances.

In usability testing. Participants scrolling, scanning, and giving up on overloaded screens. Or — the inverse — searching repeatedly for a setting that has been hidden too aggressively.

11 · Recognition over recall

What it means. The user doesn't have to remember things from one screen to use the next. Options visible rather than memorised. Recently used items surfaced. Search suggestions offered. Context carried between screens. The cognitive load of memory replaced with the cognitive load of recognition, which is much lower.

Done well. A booking system that remembers the user's recent destinations and surfaces them as one-tap options on the next booking. The user recognises rather than retypes.

Failed. A multi-step form that asks the user to confirm their address on step four, after they entered it on step one, with no autofill or carry-over. They have to recall, and most reach for the back button to check.

In audits. Recognition-over-recall findings cluster around forms that don't autofill, search without suggestions, navigation that doesn't surface recent items, and flows that ask the user to remember choices made earlier.

In usability testing. Participants backtracking to check what they entered earlier. Long pauses while they try to remember. Verbal cues like "what did I say before...?".

12 · Cognitive load

What it means. The total mental effort required to use the product. Number of decisions per screen. Information density. Visual noise. Choice paralysis. The discipline is to minimise it where the work doesn't justify it, and to design for it deliberately where complexity is unavoidable.

Done well. A complex enterprise product that hides advanced functionality behind progressive disclosure, uses consistent patterns across the suite, and lets power users move fast while keeping new users from drowning.

Failed. A consumer app whose home screen contains twenty competing actions, six promotional cards, three notifications and four ways to navigate. The user opens it and freezes.

In audits. Cognitive-load findings cluster around overloaded screens, too many simultaneous CTAs, excessive choice in selection flows, unfiltered notification floods, and information density that doesn't match the user's task.

In usability testing. Time-on-task longer than expected. Verbal cues of overwhelm ("there's a lot going on here"). First-click hesitation. Task abandonment despite the user having the underlying skill.

Frequently asked questions