Stop Password Masking

[cybereagle at gmail.com (Matt Hillman)]

Maybe a compromise would be to have a tick box that unmasks the password.
Some apps already have this, especially those that encourage using a long
passphrase.

I see too many people oblivious to the fact that people can see everything
on their screens, and I wouldn't like to see users expecting to see their
password unmasked all the time. The article makes some good points but I
cant help thinking that danger that way lies. The tick box idea would I
think solve most of those issues while maintaining a certain level of
security.


On Fri, Jun 26, 2009 at 1:40 PM, Aaron <subdriven at gmail.com> wrote:

> I read an interesting article about removing the mask from passwords.
> For mobile devices I think it would be a great idea. For some
> desktops, I know it would cut down on support calls. In other
> instances I think they must stay masked. I was just wondering what the
> rest of the PDC list thought. I have links to the articles below.
>
> Summary:
> Usability suffers when users type in passwords and the only feedback
> they get is a row of bullets. Typically, masking passwords doesn't
> even increase security, but it does cost you business due to login
> failures.
>
>
> Main article here: (http://www.useit.com/alertbox/passwords.html)
>
> which was also posted to slashdot here
> (
> http://it.slashdot.org/story/09/06/25/1856214/Nielsen-Recommends-Not-Masking-Passwords
> )
>
> Regards,
>
> Aaron
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom at mail.pauldotcom.com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20090626/447850e3/attachment.htm