1
pimps
spam pimp it un-pimp it
Tuesday, September 29, 2009 8:41:14 PM GMT

Should we stop masking passwords?
Should we stop masking passwords?
 
www.jankoatwarpspeed.com -- A few days ago, Jakob Nielsen posted an article in which he recommended displaying passwords in plain text instead of masking them. You should read the article if you haven't already. I've read some of the reactions on the Internet and I think people are so passionate about this topic. Here are a few of my thoughts on this problem. People often mistype passwords If you ever performed usability testing you will know this true. Sometimes it can take users 30 or more seconds for a simple login activity! And that can be frustrating. However I think this goes far beyond simple mistyping. Password managers I believe we all agree that password masking is necessary for public/shared computers. But there is really simple solution for non-shared computers: password managers that are integral part of browsers. Just think this way: how many times you actually type your password on a home computer? People are paranoid Is plain text passwords what users would expect? How would avarage user behave in case of typing plaintext password? People feel uncomfortable, even paranoid, when leaving sensitive data and that includes passwords. Offices are often shared with one or more employees so looking over a shoulder is very common practice. No matter how reasonable it actually is, masking passwords at least gives the feel of privacy. Optional masking As one of the solutions, Jakob suggested adding a checkbox that can turn masking on/off. Making too many options could make authentication process painful for users. Imagine that some websites mask password, other don't. Some even have optional masking. Some keep last typed key for a second. Some use a combination of those. Real mess if you ask me. iPhone solution iPhone has an interesting solution (or solution attempt) to this problem. It keeps the last typed character for a short time and then converts it to bullet. It might help you during typing but it doesn't resolve "shoulder surfing" problem that is present. Some other solutions? Unfortunately and fortunately
beebee posted 169 days, 15 hours, 30 minutes ago     show counter code
tags: Articles

No comments yet, be the first one to post comment.

To post your comment please login or signup