Do you think this is a security risk and if not is it a bad UI decision?

Andre Robatino robatino at
Sat May 4 16:29:48 UTC 2013

Richard W.M. Jones <rjones <at>> writes:

> To be honest it would be a lot more convincing if someone had done a
> study and published the results of it, rather than just linking to
> opinions.  I was rather hopeful that Neilsen-Norman would have done a
> study, but they don't publish their results (or rather, you have to
> pay lots of $$$ to read them).

The Fedora installer is unusual in that's it's used rarely - normally no
more often than once every 6 months (except for testers), and for many users
it's the first time. Even if there was a study, it would probably be on
frequently-used applications and the results might not apply, since it would
assume that the user knew in advance exactly how the application behaves.
There's no way an average user using the F19 installer for the first time
will know in advance that the entire password will be visible, before typing it.

More information about the devel mailing list