Do you think this is a security risk and if not is it a bad UI decision?
Reartes Guillermo
rtguille at gmail.com
Fri May 3 20:08:27 UTC 2013
I think that the previous behaviour was better. (covering the password with
bullets).
At least the phones only show one character at a time, not the whole
password.
Cheers.
On Fri, May 3, 2013 at 5:04 PM, Dan Mashal <dan.mashal at gmail.com> wrote:
> Hi,
>
> In the latest Fedora 19 Beta TC2 install after I got through the
> initial steps of the install I started to setup my root password.
>
> To my surprise my password was shown in plain text instead of bullets.
>
> I believe that this is a major security risk and that this is a new UI
> change going forward and this is not a bug.
>
> Do you think this is a good idea?
>
> What if you are installing and someone is looking over your shoulder
> and you don't know about this new "UI improvement"?
>
> Someone would see a password that you may or may not often use whether
> it's secure or not.
>
> Even if someone watched you type the password or recorded it with a
> camera, that would be harder to decrypt than just showing it in plain
> text while you type it in to anaconda.
>
> In addition, it was stated that this is becoming a "popular" UI
> enhancement but there was no documentation provided as to where this
> is popular. In my experience you would click on an icon next to the
> dialog box if you wanted to see the password. This is what is becoming
> popular. Not showing it as plain text while you type.
>
> Thoughts?
>
> Dan
> --
> devel mailing list
> devel at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/devel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20130503/9965c4d4/attachment.html>
More information about the devel
mailing list