Jake, I'm not understanding your comment... *You should never EVER input your password into a field that isn't asterisked. This goes way beyond "someone peering over your shoulder".*
I've been experimenting with this on a new site and from what my developer colleagues have told me, using type=password is only a front end mask, it doesn't enforce any kind of encryption. The one issue I have found is that the browser remembers any plain text inputs so if there isn't a way around that then I will definitely use two type=password fields... but could you elaborate on why you think it goes beyond someone peering over your shoulder? The reason I'm experimenting with this is because there has been a lot of chat lately about asking users for information twice (for example their e-mail address) and the fact that they are more likely to make a mistake when typing it the second time, and any super users would just copy and paste anyway so all in all the double request is a bit of a nuisance and not necessarily ensuring data integrity. For these reasons, in the 'Registration' section of our new site the password input is plain text. My thinking is that the user can see it and therefore check it and change it easily. This project is a big brand based in Scandinavia so users are a lot more trusting than average, and 90% of shoppers do it from home so the 'peering over the shoulder' aspect doesn't really factor in. I'm also wondering if a little toggling text link next to it such as 'mask password/unmask password' would ease the pain for the suspicious folk ;-) There is another recent thread on this topic but I can't find it! On the actual 'Login' page, the password field is set to type=password. I'm not stuck on doing it this way but I am interested to see how users feel about it in testing (about 6 weeks away) BTW Calvin, that's a really interesting point, will definitely need to do some experimenting around that! . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Posted from the new ixda.org http://www.ixda.org/discuss?post=32617 ________________________________________________________________ Welcome to the Interaction Design Association (IxDA)! To post to this list ....... [EMAIL PROTECTED] Unsubscribe ................ http://www.ixda.org/unsubscribe List Guidelines ............ http://www.ixda.org/guidelines List Help .................. http://www.ixda.org/help
