Sunday, March 23, 2008

Hidden Password Fields:

If you use a lot of web sites, you probably have many occasions to enter a password. Password fields almost inevitably are “hidden”: you see a row of stars instead of what you type. When you are defining a new password for some site, you often see two hidden fields, challenging you to enter the same passphrase twice. In my opinion, that's particularly dumb. These hidden fields are prone to certain kinds of user error, so Microsoft Windows will warn you if a password fails “because” the caps-lock key is on.

How often is someone looking over your shoulder when you enter a password? The last time that happened to me was 2003.

There ought to be a button to optionally hide (or unhide) password fields. Today, when passwords should be many characters long, it's better to let you see what you're typing. The “obviousness” of hiding passwords is one of those leftover behaviors from the days of 1960's mainframes and expensive terminals that were used in exposed places at work.

These days, I use one website that offers me the choice: I can type my password in the hidden field or in an open field. So of course, on my home computer, I use the hidden field! Here's why: Windows remembers my password so that I do not have to retype it. But Windows will only remember my password for a hidden field, not for an open one.
Post a Comment