Masked man or masked password?

I was reading this article[1] on theregister.co.uk about the usability of masked (i.e., hidden) password fields on GUI forms and webpages. It is just crazy to even think that showing the password field is a good thing compared to current practice that has the password fields masked with dots or asterisks.
My arguments:

  1. Attackers will be fine with screenshots of when you login to webpages instead of keyloggers
  2. What about remote screen sharing and when you have to login to a service or webpage?
  3. What if I have a colleague looking at my screen and I need to login somewhere? Sorry can you please leave till I login because you can see my password…. everyone can see it really (even the person across the street with the telescope(not that you should).

There are probably more but I can not think of any right now. I think you get the point. It is a just a bad idea. Maybe they should make the field UV and no one can see it unless they are wearing special glasses (a bit better solution, I think).

Link Used:
[1] Reported by out-law.com – “Masked passwords must go” – http://www.theregister.co.uk/2009/06/30/masked_passwords_usability/

This entry was posted in Uncategorized. Bookmark the permalink.

3 Responses to Masked man or masked password?

  1. Ciara says:

    I thought this quote was interesting: ‘…This double degradation of the user experience means that people are more likely to give up and never log in to your site at all, leading to lost business” ‘

    I don’t know anyone who has decided not to use a website because of masked passwords, so I would like to see the research that shows this is the case.

  2. Mark says:

    Your arguments can all be rendered moot by having an option to mask the field, i.e. ‘tick this box to hide my password’.

  3. Kosta says:

    Mark: Yes that would be much better… and very confusing from a user interface aspect, as the whole point as I understand it, is that we should not have masked passwords at all. I would like to have the option at least if they do go forward with this option. As a colleague said, lets re-introduce a solved problem.

Leave a Reply

Your email address will not be published. Required fields are marked *