Home page logo
/

pauldotcom logo PaulDotCom mailing list archives

Stop Password Masking
From: eslerj at gmail.com (Joel Esler)
Date: Fri, 26 Jun 2009 09:20:12 -0400

What about Shoulder surfing?  Haven't you ever watched "Hackers"?

J

On Fri, Jun 26, 2009 at 8:40 AM, Aaron<subdriven at gmail.com> wrote:
I read an interesting article about removing the mask from passwords.
For mobile devices I think it would be a great idea. For some
desktops, I know it would cut down on support calls. In other
instances I think they must stay masked. I was just wondering what the
rest of the PDC list thought. I have links to the articles below.

Summary:
Usability suffers when users type in passwords and the only feedback
they get is a row of bullets. Typically, masking passwords doesn't
even increase security, but it does cost you business due to login
failures.


Main article here: (http://www.useit.com/alertbox/passwords.html)

which was also posted to slashdot here
(http://it.slashdot.org/story/09/06/25/1856214/Nielsen-Recommends-Not-Masking-Passwords)

Regards,

Aaron
_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com




-- 
joel esler | Sourcefire | AIM: eslerjoel | 302-223-5974


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault