[kde-guidelines] [KDE Usability] Password Field

Thomas Pfeiffer colomar at autistici.org
Sun Dec 8 16:43:04 UTC 2013


On Sunday 08 December 2013 11:55:56 Martin Klapetek wrote:
> On Sat, Dec 7, 2013 at 7:28 PM, Thomas Pfeiffer <colomar at autistici.org> wrote:
> > On Saturday 07 December 2013 18:08:23 Sune Vuorela wrote:
> > > On 2013-12-07, Björn Balazs <b at lazs.de> wrote:
> > > > I assume that the environment does not change that often. When I work in a
> > > > train (and hence want to hide passwords) I do this for quite some time. So
> > > > I thought it might be a good idea to keep the last state. Also there is
> > > > not a lot of potential harm, as you immediately see whether the password
> > > > is shown or not - so you can toggle the mode to the desired state.
> > > > 
> > > > The idea is to be convenient - which most of the time somehow interferes
> > > > with security.
> > > 
> > > I'd love to be able to toggle the password visibility in more cases than
> > > it currently is possible today. So yes. Toggle buttons everywhere.
> > > 
> > > And let it default to being 'stars' or similar symbols. Security trumps
> > > convenience. We can't let users have their password snooped by the
> > > co-passengers or co-workers or just people who pass by you while sitting in
> > > a cafe.
> > 
> > Unless we assume people are stupid, we can assume that they will set it to
> > masking again once they go to a public place, can't we? And even if they
> > forget, they should notice after the first characters appear.
> 
> I see two problems with this - people are used to password fields always
> showing the "password symbol" (star, dot, big dot etc.). Combine this with
> fast typing people, who just click the password field and basically have
> the whole password typed in in under a second. So even if you would notice
> the password is clearly visible, it might already be too late because
> you're writing the password from your muscle memory, and it takes us ~1.5s
> to react and change your typing because you realized the password is
> visible.
> 
> So - fast typing people would notice, but would write the whole password
> before reacting.
> 
> Furthermore, remembering the option would result in people /always/ doing
> one additional mental step before inputting password - check if it's
> visible or not, possibly combined with "am I in a safe environment -> no ->
> is my password visible". And I wouldn't want that. As Albert noted below,
> no other platform does that. And I would just hate thinking every time I'm
> putting a password if it's visible and if it /can/ be visible at the moment.
> 
> So -1 to remembering the option from me.
> 
> Cheers

Okay, it seems there is a strong majority for always defaulting to masking. 
That's not my preference, but "security first" is fine with me.
