Do you think this is a security risk and if not is it a bad UI decision?

Dan Mashal dan.mashal at gmail.com
Sat May 4 22:22:01 UTC 2013


On Sat, May 4, 2013 at 2:37 AM, Michael Scherer <misc at zarb.org> wrote:
> and I think that even Bruce Schneier has given his opinion in favor of
> the proposal:
> http://www.schneier.com/blog/archives/2009/06/the_problem_wit_2.html
> http://www.schneier.com/blog/archives/2009/07/the_pros_and_co.html

Which he later took back.

> I can add to that that I have seen more than once people setting a
> password which was not the one they believed due to:
> - keyboard layout (i.e., qwerty vs azerty in France)
> - small usage difference with the Windows way, again on azerty keyboards
> (people using capslock on a French keyboard to type numbers while they
> should use shift, as capslock just types capital letters like À or É and
> not 0 or 2, and if you do not understand, just look on the web to
> compare how different it is from a qwerty-based keyboard)

The installer should detect the keyboard automatically. In fact you
can even tell it what type of keyboard you have on the first screen.

> Or I could also speak of the small non standard keyboard such as macbook
> one where ~ or | are not printed and where using the wrong keyboard
> could result in wrong characters if you are unaware of the problem.

I think people that have Macs have learned how to use their slightly
different keyboards by now.

> But the discussion is not about that, even if I think the rationale
> around the defaults.
> Showing by default will help people who are less familiar, hidden by
> default will satisfy people who think that's a security issue.

Showing by default helps no one.

> Hidden by default and showing it on demand is likely to still be a
> hindrance to people who may not know they typed their password wrong
> (because I think most assume that it will work fine; we are not at a
> point where people assume by default this will fail).

Straw man argument.

> So what about hiding on demand, and having it visible by default? This
> way, people who prefer to have it hidden will be happy, and we are still
> friendly to non-technical users.

Absolutely wrong.

On Sat, May 4, 2013 at 11:10 AM, Michael Cronenworth <mike at cchtml.com> wrote:
> On 05/04/2013 02:29 AM, Stef Walter wrote:
>>
>> There's already this exact phoneish password hint capability in GTK+
>> with the 'gtk-entry-password-hint-timeout' setting. Turn it on in
>> $XDG_CONFIG_HOME/gtk-3.0/settings.ini, or use
>> gtk_settings_set_string_property()

I guess this is somewhat of a reasonable compromise.. if I was
installing Fedora on my phone/tablet.

On Sat, May 4, 2013 at 2:48 PM, David Woodhouse <dwmw2 at infradead.org> wrote:
> Or a forum where said decisions can be overridden with a little more
> sanity, such as FESCo.

Has it come to that? Do we really need a committee to decide "sanity"
and how ridiculous this is?

On Sat, May 4, 2013 at 9:35 AM, Adam Williamson <awilliam at redhat.com> wrote:
> http://it.slashdot.org/story/13/05/04/1248242/fedora-19-to-stop-masking-passwords
>
> Well, that escalated quickly.

As it should have.

So where do we go from here? I think the vast majority of people here
have agreed that this was wrong. I guess does this now go to FESCo and
let a few people vote on it?

Why can't there be a wider community approval process, able to vote on
things like this? As I stated earlier, there is a list of things that
have changed without any real widespread community approval.

I kind of feel helpless, and powerless.

Great. I brought the attention to a wider audience and the general
public and something may or may not get done about it, but what about
the next UI change I think is ridiculous or the ones I think that
already are?

I don't feel like if I filed a bug anything would get done about it
besides a "too bad" response.

I'm really lost.

Dan
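The GTK setting quoted above from Stef Walter, as an added configuration example that is not part of this thread: a settings.ini fragment enabling the "show the last typed character briefly" behaviour for masked GtkEntry fields. The `[Settings]` section header and the millisecond unit follow GTK's documented GtkSettings handling; the 600 ms value is a chosen sample, and 0 (the GTK default) keeps the last character masked, which is the safer choice on any machine that may be observed.

```ini
# $XDG_CONFIG_HOME/gtk-3.0/settings.ini (typically ~/.config/gtk-3.0/settings.ini)
[Settings]
# Milliseconds to show the last typed character in a password entry
# before it is masked. 0 (GTK's default) never reveals it; 600 is a
# sample value for the phone-style hint discussed in the thread.
gtk-entry-password-hint-timeout = 600
```

This is a per-user setting, so it changes the reveal behaviour only in that user's GTK 3 applications; it does not alter what the installer shows by default, which is the subject of the thread.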