Foursquare: Here’s A Solution to Your PleaseRobMe Problem
Headlines »
Foursquare: Here’s A Solution to Your PleaseRobMe Problem
March 11, 2010 – 12:50 PM | 0 Comments

By now you have probably heard of PleaseRobMe a service which aggregates all of the foursquare check-in’s into one place using the tweets sent out through the application.  There has been a lot of uproar …

Read the full story »
Geek

Read about the latest geek trends, news, and gadgets right here!

Malware Report

Learn about the latest threats online, how to remove them, and even how to prevent them.

Software

Find all the latest and greatest software out there for Windows, Mac, and Linux.

Twitter

Keep up with the latest from one of the web’s hottest sites (twitter.com).

Video

Never miss another of my videos again – view the latest videos from live.besttechie.net!

RSS FeedEmail SubscriptionsTwitterYouTubeFacebook
buzz_button
Share

Home » Security
    Share/Bookmark

Should We Stop Masking Passwords?

Submitted by Matt Hodges on June 25, 2009 – 5:55 PM0 Comments
Should We Stop Masking Passwords?

Logging in to our computers or various web services is a normal routine we all go through every day.  Each of us probably has half-a-dozen usernames across the web, with at least double that in passwords.  We’re all also very used to the standard format when logging into a service: plain-text username and a censored password—often with bullets or asterisks.

But  some experts say that we should get rid of password masking.  Jakob Nielsen states that the censorship holds minimal benefits when compared to the drawbacks.

Nielsen makes the following claims:

  • Users make more errors when they can’t see what they’re typing while filling in a form. They therefore feel less confident. This double degradation of the user experience means that people are more likely to give up and never log in to your site at all, leading to lost business. (Or, in the case of intranets, increased support calls.)
  • The more uncertain users feel about typing passwords, the more likely they are to (a) employ overly simple passwords and/or (b) copy-paste passwords from a file on their computer. Both behaviors lead to a true loss of security.

He does make interesting points, however I still am concerned about that prying eye sitting next to me.  There are many times when I’m logging into a sensitive account in front of others and I do not want them to see my password.  Logging into computers on campus is a good example.  Nielsen does address this, though:

Yes, users are sometimes truly at risk of having bystanders spy on their passwords, such as when they’re using an Internet cafe. It’s therefore worth offering them a checkbox to have their passwords masked; for high-risk applications, such as bank accounts, you might even check this box by default. In cases where there’s a tension between security and usability, sometimes security should win.

I personally don’t have a problem with maintaining the masking.  I don’t think I suffer to greatly from not being able to see what I type.  But apparently some do.  What do you think?  Should the standard be changed to allow plain-text view of passwords?  Leave us a comment!

Related Products:

Million Dollar Password
Quick Picks Password Travel Game
The Best Little E-Mail Address & Password Organizer
Password DVD
Best of Password

You might also like:

My Thoughts On OpenID

UK ISPs Looking At Tiered Services To Combat Piracy

The Best Online Backup Services

Attention iPhone Owners: If Your iPhone Overheats It’s Your Fault (Currently)

Tags: ,