Do you think this is a security risk and if not is it a bad UI decision?

Pierre-Yves Chibon pingou at
Sun May 5 07:40:18 UTC 2013

On Sat, 2013-05-04 at 15:22 -0700, Dan Mashal wrote:
> > Hidden by default and showing it on demand is likely to still be a
> > hindrance to people who may not know they type their password wrong
> > ( because I think most assume that it will work fine, we are not to
> a
> > point where people assume by default this will fail ).
> Straw man argument.
> > So what about hiding on demand, and having it visible by default ?
> This
> > way, people who prefer to have it hidden will be happy, and we are
> still
> > friendly to non technical users.
> Absolutely wrong. 

Well constructed arguments, with very nice examples...

Michael proposes here a sort of middle ground, using the studies from
different sources (referenced) and the apparent wish of the maintainer
to go this way.
It's not because it is different from your current behavior that it is
by definition false. So if you disagree please provide *reasonable*


More information about the devel mailing list