Le vendredi 03 mai 2013 à 23:24 -0500, Eric Sandeen a écrit : > What is the downside to defaulting to a hidden PW, with an opt-in mechanism to > display the password as it's typed? The downsides of defaulting to cleartext > have > been noted, and to me are quite self-explanatory.
First, we need to see why the input default to visible. The discussion about it have been going since a few years in usability circles when Jakob Nielsen proposed it : http://www.nngroup.com/articles/stop-password-masking/ http://uxmovement.com/forms/why-password-masking-can-hurt-your-sign-up-form/ and I think that even Bruce Schneier have gave his opinion in favor of the proposal : http://www.schneier.com/blog/archives/2009/06/the_problem_wit_2.html http://www.schneier.com/blog/archives/2009/07/the_pros_and_co.html I can add to that that I have seen more than once people setting a password which was not the one they believed due to : - keyboard layout ( ie, qwerty vs azerty in France ) - small usage difference with Windows way, again on azerty keyboard ( people using capslock on french keyboard to type numbers while they should use shift, as capslock just type capital letter like À or É and not 0 or 2, and if you do not understand, just look on the web to compare how different it is from qwerty-based keyboard ) Or I could also speak of the small non standard keyboard such as macbook one where ~ or | are not printed and where using the wrong keyboard could result in wrong characters if you are unaware of the problem. Or what about the people where the ASCII ( or ASCII related ) chars are not the norm, and people are forced to use it for the password despite sometime being less familiar with it ( ie, china, japanese, india ) ? I think we can agree there is a few problems to solve here, and showing the password ( I think ) help to solve them ( or at least minimize the time spent on figuring what is wrong ). But the discussion is not about that, even if I think the rational around the defaults. Showing by default will help people who are less familiar, hidden by default will satisfy people who think that's a security issue. Hidden by default and showing it on demand is likely to still be a hindrance to people who may not know they type their password wrong ( because I think most assume that it will work fine, we are not to a point where people assume by default this will fail ). So what about hiding on demand, and having it visible by default ? This way, people who prefer to have it hidden will be happy, and we are still friendly to non technical users. ( and then the discussion is around the mechanism to hide the password, between "reduce visual clutter" and "have a explicit checkbox" ) -- Michael Scherer -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
