Another take on this is to consider who can see this info after it's
entered. Is it used only for me to confirm my identity online, or are
the answers to these security questions viewable by any random
customer service rep who looks up my account? Part of the expectation
that's created by masking a password field is that the password will
remain private and secure -- that no one can actually see it. So,
masking the field might create a false expectation of privacy and
security that could be dashed later if someone contacts your company
by phone and finds out that just about anyone at your company has
access to their* sensitive info.
And as for online banking -- I have accounts with several financial
institutions that use these kinds of security questions. They all show
these fields in plain text.
Regards, Adam
* Or should I say "his/her"?
On Jul 23, 2009, at 3:40 PM, Anthony Hempell wrote:
This is for creation of an online account at a major NA wireless
provider. The account would contain most of that person's personal
information, so I consider it high security, perhaps just below that
required for online banking.
Since it is for a wireless provider, there's a good chance they may
be using a mobile device to enter this information.
My gut reaction was that b/c of the sensitive nature of the personal
information, my expectation was that this info would be masked.
________________________________________________________________
Welcome to the Interaction Design Association (IxDA)!
To post to this list ....... [email protected]
Unsubscribe ................ http://www.ixda.org/unsubscribe
List Guidelines ............ http://www.ixda.org/guidelines
List Help .................. http://www.ixda.org/help
