E-mail List Archives

Re: Password Rules - Impact on Users with Cognitive Disabilities

for

From: Mallory van Achterberg
Date: Oct 29, 2014 8:17AM


On Wed, Oct 29, 2014 at 01:44:42PM +0000, Patrick H. Lauke wrote:
> On 29/10/2014 12:31, Birkir R. Gunnarsson wrote:
> >I think password hiding is important, so passwords should be hidden by default.
>
> Actually, not quite sure if that's true (anymore).
>
> See for instance Luke Wroblesky's thoughts on this back in 2012
> http://www.lukew.com/ff/entry.asp?1653 - and since then, a lot of
> sites/apps seem to have gone that way too (showing by default, with
> option to hide if needed).

I also hate hearing "star star star star" when testing new services.
The best that gives me is how many characters I've typed actually made
it to the screen, nothing more. (I'm not blind.)

Although, I had forgotten about the options to show, as seen on my
network-manager's network popup, or I believe one of the Internet
Explorers actually adds an icon (which doesn't seem focusable but it
can be clicked with a mouse) of an eye that I think does similar.

I'd be okay with input type="password" if it added a separate control
to hide/show, but I generally hate the default setup of things. More
often than not, I misstyped one of the two (I don't copy and paste
between two password fields because of this fear), and hope I don't make
the same misstype twice. Meanwhile, I'm more likely to have a keylogger
or wifi sniffer at my machine than someone is able to see my screen.
The threats have shifted.

_mallory