Do you think this is a security risk and if not is it a bad UI?decision?
drago01
drago01 at gmail.com
Sun May 5 08:54:42 UTC 2013
On Sat, May 4, 2013 at 10:27 PM, Adam Williamson <awilliam at redhat.com> wrote:
> On Sat, 2013-05-04 at 13:20 -0700, Adam Williamson wrote:
>
>> That's it. So far as I can see, that's the sole reference to any actual
>> identifiable study. And again, so far as I can see, the entire 2009
>> debate spiraled out from that single post, with lots of 'experts' adding
>> their subjective $0.02 on either side (mostly against), but no-one
>> actually adding any kind of useful empirical research.
>
> The other link I've seen cited in favour of the change -
> http://uxmovement.com/forms/why-password-masking-can-hurt-your-sign-up-form/ - again appears to be solely opinion stated as fact. It's all phrased very categorically, but there is no reference I can find to any kind of actual evidential backing.
I wanted to stay out of this discussion but if we want to go this
route there you go:
http://dl.acm.org/citation.cfm?doid=2406367.2406384
http://dl.acm.org/citation.cfm?doid=1280680.1280683
http://dl.acm.org/citation.cfm?doid=1968613.1968647
http://dl.acm.org/citation.cfm?doid=1030083.1030116
....
The change to display the password as plain text is just wrong (see
studies / papers above ... you can find a lot more of them).
Seriously this changes just papers over another bug "we suck at
keyboard layout selection" ... "fixing" it by showing the password
like that is just wrong.
More information about the devel
mailing list