Device entry of passwords is a nightmare. If you multi-hit the virtual keyboard even slightly you get accented characters which of course do not work. This is one time the ******* to represent a password field is infuriating. Yes, I know its wrong, now show it to me so I can see where it is wrong! Some apps have a check box to display the password or not. ++1 for these!
Secondly make sure your max password char count when you enter a new pw is the same as when you're entering it. Expect users to use cut and paste into your pw field. "Remember me" buttons are a probable security loophole, depending on how they are done. </rant> Fingerprints. Coders don't have fingerprints on the tips of their fingers. If you have a Samsung S6 you can set a fingerprint that won't be usable. Finger about 1cm from the end works :) On Wed, Nov 11, 2015 at 4:22 PM, Ken Schaefer <[email protected]> wrote: > I think the PIN idea is good, as long as you’re able to tie it to some > unique device hardware ID. Then you have a form of two-factor > authentication (something you have + something you know). This does limit > the end user to only being able to use their PIN with a single > active/authorised device though. > > > > Another alternatives would be to use one-time pad or token (e.g. SMS a > unique security code for each login) > > > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Greg Keogh > *Sent:* Wednesday, 11 November 2015 2:25 PM > *To:* ozDotNet <[email protected]> > *Subject:* Re: Mobile passwords > > > > I like how some apps (banking in particular) map the login details to a 4 > digit pin on the device. Gets rid of this problem. > > > > Hey Dude, I had a chat the person managing this app and they said the > customer wants to stick with mixed case passwords. So for now, it's reduced > to a human problem that's solved by emailing out some instructions to the > users. > > > > iPads are a bit too slick with the keyboards though, and case changing > does require caution. Although I think my iOS might be a bit old and I > vaguely recall reading that Apple recently changed the behaviour slightly. > > > > In future though I'm going to remember this problem and consider using > PINs where it's suitable. > > > > *GK* > -- Meski http://courteous.ly/aAOZcv "Going to Starbucks for coffee is like going to prison for sex. Sure, you'll get it, but it's going to be rough" - Adam Hills
