Do you think this is a security risk and if not is it a bad UI decision?

Chris Murphy lists at
Fri May 3 22:05:38 UTC 2013

On May 3, 2013, at 3:26 PM, Dan Mashal <dan.mashal at> wrote:
> So I just wanted to email other intelligent people and see if I was
> crazy or stupid.

Seems specious to me. I haven't seen an implementation like this. It's sorta like flipping off your parents to their faces, then 2 seconds later covering your hand, rather than flipping them off behind their back. In the former case you have a virtual 100% chance of getting caught. In the latter case, you have a decent chance of not being caught.

Oh wait, except, right after you cover your hand, you immediately do the same exact thing a 2nd time. To their faces. Yeah. I think it's about 100% if anyone's remotely paying attention.

The password entry paradigm is in the realm of ridiculous to asinine. But the proposed method exposes more of the user password entry than previously. If the idea is that it therefore makes the user nervous enough that they become more aware of their surroundings, than the false sense of security of immediately obscuring password entry, I might buy that this ends up being more effective on average. (Most users don't have enemies who can afford to deploy robot flies on walls to capture their password entry.)

Chris Murphy

More information about the devel mailing list