Do you think this is a security risk and if not is it a bad UI decision?

Rahul Sundaram metherid at
Sat May 4 03:46:28 UTC 2013

On 05/03/2013 11:28 PM, Bruno Wolff III wrote:
> Are you refering to someone ther than the person who is looking at the 
> screen while typing in their password? Surely the person doing that 
> will know it is visible and not enter it while someone is obviously 
> looking at their screen.

It may not be obvious at all.  While you don't have necessarily have 
anyone sitting right next to you, it would be visible in the screen.  A 
password shown in the screen is far more visible compared to someone 
having to overlook the keyboard.  Users don't expect any UI to show the 
entire password and this UI change would come as a unpleasant surprise 
especially if they are looking at the keyboard while typing which many 
users do.   Well, sure, once they realize it, they can retype a new 
password in private but why would we make them go through that pain 
unnecessarily?  That is pretty awful for usability.

It is *very* useful to be able to see the password you are typing at 
times when there is no such privacy concern but this is precisely why 
some password fields have a "show password" checkbox but not as the 
default behavior.


More information about the devel mailing list