This is a TERRIBLE idea. A mildly sophisticated user—say, someone who knows how to plug in a printer, or use the "print preview"—can wreck havoc.
There's some great security stuff at Schneier's blog: http://www.schneier.com/blog/ On Tue, Jun 30, 2009 at 5:47 AM, Matthew Green<[email protected]> wrote: > Hello, > > Someone I work for has a strange enhancement request which I do not agree > with, but this person is the boss. I think in my gut, this is wrong. > > *website: * a user management system for secure student data. Clients are a > little paranoid about passwords and user names getting out. > > *behavior:* when you select a user and want to reset his or her password, > the resulting screen shows the user name, but then blanks out the password > which you can only see by printing the page. > > Blanking out the password seems silly since you can still see it if you > print it out. Do people agree this is poor functionality? If so, is there > any evidence to support my feeling that this is a bad idea? > > Thanks, > > Matthew > > > ________________________________________________________________ > Reply to this thread at ixda.org > http://www.ixda.org/discuss?post=43289 > > ________________________________________________________________ > Welcome to the Interaction Design Association (IxDA)! > To post to this list ....... [email protected] > Unsubscribe ................ http://www.ixda.org/unsubscribe > List Guidelines ............ http://www.ixda.org/guidelines > List Help .................. http://www.ixda.org/help > -- _________________________ http://www.marketpublique.com http://www.jonathanpberger.com 718.930.2165 This email is: [*] bloggable [ ] ask first [ ] private ________________________________________________________________ Welcome to the Interaction Design Association (IxDA)! To post to this list ....... [email protected] Unsubscribe ................ http://www.ixda.org/unsubscribe List Guidelines ............ http://www.ixda.org/guidelines List Help .................. http://www.ixda.org/help
