Agreed, it's important to present errors properly. But really, the best solution is to <i>not present an error at all</i>, in every possible case. Auto-recovery is very important.<p>The example of the Windows hibernate message, while trying to illustrate a different point, is really a better example of something the user shouldn't have been asked in the first place. The solution is simple: if Windows <i>can</i> try again, why didn't it just <i>do</i> that, maybe a few times, before even thinking of bothering the user?<p>The case of a failed key may be less trivial, since you don't necessarily want a page that helpfully produces valid keys from invalid ones. And yet, if the key is long enough, and the mistake is small enough (e.g. 2 characters out of 16), perhaps the web page could figure out the closest valid key and just log in using that key (or have a Google-style "did you mean XYZ-123-ABC" link for the matching key).