Do you think this is a security risk and if not is it a bad UI decision?

Dariusz J. Garbowski thuforuk at
Sun May 5 12:41:48 UTC 2013

On 05/05/13 08:40 AM, Pierre-Yves Chibon wrote:
> On Sat, 2013-05-04 at 15:22 -0700, Dan Mashal wrote:
>>> Hidden by default and showing it on demand is likely to still be a
>>> hindrance to people who may not know they type their password wrong
>>> ( because I think most assume that it will work fine, we are not to
>> a
>>> point where people assume by default this will fail ).
>> Straw man argument.
>>> So what about hiding on demand, and having it visible by default ?
>> This
>>> way, people who prefer to have it hidden will be happy, and we are
>> still
>>> friendly to non technical users.
>> Absolutely wrong.
> Well constructed arguments, with very nice examples...
> Michael proposes here a sort of middle ground, using the studies from
> different sources (referenced) and the apparent wish of the maintainer
> to go this way.

I would like to point out that, as Adam Williamson nicely written in his analysis of the references 
quoted earlier in this thread, it's hard to call any of the references as "studies" -- most of them 
are opinions and not widely accepted either.


More information about the devel mailing list