Adding a checkbox on every dialog box is pretty useless. If you really want to go down this path of revealing passwords based on external factors (i.e. public place, people looking over your shoulders), then add an option in the main dialog box of Windows logon that asks where you are (just like many web sites do). Based on that you can then configure various policies in Windows, one of them being this.
But I think the whole reveal password is pretty useless to begin with.
I always enjoy the diversity of your posts. Relating to the post above:
At the risk of sounding like a commercial…
I work in the online advertising industry and regularly log into hundreds of accounts for search engines, comparison shopping engines, my company’s hosted application, and all the internal applications (CRMs, ticketing systems, wikis, survey apps, etc.) we use in our day to day business. Throw in my personal stuff like credit card accounts, bank accounts, email accounts, networking sites, and so on… and you have a ton of usernames and passwords to keep track of (not to mention all the various methods of logging in).
So, the whole login thing is a huge part of every day. Because many of the accounts I access belong to clients, standardization isn’t an option. Multiply this issue by all the employees in our company, and you have a huge liability/security issue with all the client accounts.
Our company started using a product available for PCs called RoboForm.
It’s a real time saver and adds a level of security to all password based authentication.
A few features I really find useful:
Prompts user to “remember” all browser based usernames and passwords (such as a gmail account authentication) the first time they are entered; subsequent trips to the website can be authenticated via RoboForm
provides for easy/automatic filling of standard forms (name, address, phone number, etc)
encrypts all stored usernames and passwords (accessible on the local machine by one master password only)
provides easy methods of sending usernames and passwords to others via email with encryption
defeats keyloggers because once a password is “remembered”, there is no typing done…just a click on the appropriate RoboForm link to fill in the data
for non-web browser based usernames/passwords, RoboForm also has a “SafeNote” feature that allows you to store usernames and passwords on your PC in a secure place (this provides for easy copy/paste functionality without the security risk of having your passwords “laying around”). I use this to store my VPN client credentials and remote access passwords, to name a couple.
for frequently visited websites that require authentication, RF will let you create a shortcut on your desktop (or any folder) that you can activate; it will open your default browser and log you in automatically (assuming you’ve already logged into RF via your supreme master password; if you haven’t, when you click the shortcut, it will prompt you to sign in)
I’m not sure of the company cost as we bought in at the enterprise level. They do offer an individual license for around 30 smackers.
They also have versions for Palm and PocketPC. The only thing they don’t have that I would buy is a version that will work on OS X. I use both Macs and PCs on a day to day basis.
On the version of Notes that I used once upon a time the Xes weren’t random. They were based on a hash of the password, the same way the hieroglyphics were. More than once I noticed I had a typo in my password because the behavior of the Xes changed.
Interesting post. I have to say, I agree that the “reveal” option should become some sort of standard.
Hell, if you set your computer up at home, and you are the only user, and 99.9% of the time, people are NOT looking over your shoulder, and passwords are masked by default (meaning I must always enable it), what’s the big deal?
Wireless network keys are a classic example of the way passes are going; they are forever getting longer and more complex. These sorts of keys I do not want to have to mess up 2 or 3 times and start from scratch. If the machine is a public machine (i.e. people can always be looking over your shoulder - internet cafe or whatever) then why not have the option within the OS to say, “this is a public machine, disable the ‘reveal’ option”?
Should the mask be there by default? Yes. Should we be restricted in being able to see the password, if we are confident that we are not being watched (which is most of the time)? HELL NO.
This could also raise the debate over whether more people writing their passwords down now (due to their complexity) are actually causing more harm. 90%+ of rape victims know their attackers; you think it could end up being the same way for malicious computer abuse? =S
Notes was hardcore with security. First product to ship with RSA, and a nightmare to change the passwords for. Where I worked we actually recommended that users never changed from their default password so we’d have a record. Otherwise we’d have to reissue the certificate.
I see this as a design issue, by differentiating themselves from other products with an apparently more secure password entry, it might encourage users to take their passwords more seriously.
I actually quite liked the variable X’s in the field.
I put together a bookmarklet ( http://philharnish.tumblr.com/post/26219829 ) which adds this feature. I love the idea, especially compared to the “enter password twice” paradigm.
Re Lotus:
It’s been a few years since I dealt with them but I haven’t seen any sign that this has changed recently.
If you had dealt with them in the last few years, you would know that things have changed drastically.
The new Lotus UI - shared between Notes 8.x and Symphony - was described as “cool-looking”, “really attractive”, “beautiful” and “pretty impressive” on the 08-Feb-08 edition of the Windows Weekly podcast. That sounds like change to me.
And, yes, it does still have the visual password hash and multiple ‘X’s per character. Which I like: you soon learn subconsciously to recognise the visual pattern of your password, telling you whether or not you’ve entered it correctly without ever having to ‘reveal’ it or copy it from the clipboard. In fact, because Notes is so hot on security, the paste operation is not supported in the password dialog anyway, so the clipboard cheat is not available.
Back to the ‘reveal’ thing: it certainly has a place, but would need to be tightly policy-controlled to meet an auditor’s definition of ‘secure’.
I’m not so sure I agree with this. While it’s possible to reveal the text in a password entry with the help of a tool, it’s not so simple as clicking a button. Allowing the entry to reveal/mask the password with the click of a button just doesn’t sound good.
Yes, it would be more convenient to the user… but it could also make it easier to have their password stolen, in certain situations, like if a user is filling out a form, finishes entering the password, then they leave the computer for a short time. Then someone comes along, clicks the “unmask password” checkbox, and boom, there’s the password. It’s just a little too easy.
I’ve never had a real problem entering passwords correctly, even long ones. When I do, I just become more careful. It may happen more often than I think, however.
I like the feature. I often find myself wondering if I mistyped a key in a password.
To the comment that everyone should know how to cut and paste from a text editor, there are two problems with that.
First, that’s not always available. If I’m logging onto my machine, I can’t access anything but the log-in dialog - which means I can’t access a text editor. (Of course, the password for my Ubuntu account isn’t 16 characters long…)
Second, it’s not about an unbelievably great new idea. It’s about efficiency and productivity. Sure, you can do the same thing by opening up Gedit/Notepad, typing your password, copying, and pasting. But it’s simply more efficient to have a button on a dialog box that I can click to reveal my password.
Anyhow, I’m all for password reveal. Put my name on the petition.
Maybe the “reveal password” feature should be a “hold to reveal password” button rather than a checkbox. This would enable it to “spring back” to hidden when you let go of the mouse.
Of course there’s accessibility to think of, but I’m sure it would be possible to give the button focus and trap a keyDown event to enable a keyboard equivalent of holding down the mouse button.
Just my 2p worth… not that it’s likely to be seen by a MS developer and implemented
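The “hold to reveal” button suggested above, as an added example that is not the commenter’s code: the field is unmasked only while the pointer button (or Space/Enter, for the keyboard equivalent) is held, and it snaps back to masked on release, when the button or window loses focus, and after a hard time limit. The time limit also covers the walk-away risk raised earlier in the thread, where a checkbox would leave the password unmasked indefinitely. The element ids `reveal-btn` and `password` are placeholders assumed for this example; the state logic is kept free of DOM calls so it can be tested on its own.

```javascript
// Added example (not from the original comment): "hold to reveal" password
// control that springs back to masked on release, on focus loss, and after a
// hard time limit, so an unmasked field is never left behind.

// Pure state machine, kept free of DOM calls so it can be unit-tested.
function createRevealController({ maxRevealMs = 5000, now = Date.now } = {}) {
  let revealedSince = null; // timestamp of the current press, or null while masked

  const controller = {
    // Pointer/key pressed on the reveal button: unmask and start the clock.
    // A repeated press while already revealed does not restart the clock.
    press() {
      if (revealedSince === null) revealedSince = now();
      return controller.isRevealed();
    },
    // Pointer/key released, pointer left the button, or focus moved away: mask again.
    release() {
      revealedSince = null;
      return controller.isRevealed();
    },
    // Called periodically: enforce the hard limit even if a release event was lost.
    tick() {
      if (revealedSince !== null && now() - revealedSince >= maxRevealMs) controller.release();
      return controller.isRevealed();
    },
    isRevealed() {
      return revealedSince !== null;
    },
    // The <input type> the field should currently have.
    inputType() {
      return revealedSince === null ? 'password' : 'text';
    },
  };
  return controller;
}

// DOM wiring. `button` and `input` are element handles; `doc` defaults to the
// page document. Returns a function that detaches the timer.
function attachHoldToReveal(button, input, controller, doc = globalThis.document) {
  const apply = () => {
    const t = controller.inputType();
    if (input.type !== t) input.type = t; // only touch the DOM on a change
  };
  const press = () => { controller.press(); apply(); };
  const release = () => { controller.release(); apply(); };

  button.addEventListener('pointerdown', press);
  button.addEventListener('pointerup', release);
  button.addEventListener('pointerleave', release);
  button.addEventListener('pointercancel', release);
  // Keyboard equivalent: holding Space or Enter reveals; key auto-repeat is ignored.
  button.addEventListener('keydown', (e) => {
    if ((e.key === ' ' || e.key === 'Enter') && !e.repeat) { e.preventDefault(); press(); }
  });
  button.addEventListener('keyup', (e) => {
    if (e.key === ' ' || e.key === 'Enter') release();
  });
  button.addEventListener('blur', release);
  // Losing the window (alt-tab, screen lock) also re-masks.
  doc.defaultView.addEventListener('blur', release);
  // Poll so the hard time limit is enforced even if a release event never arrives.
  const timer = setInterval(() => { controller.tick(); apply(); }, 250);
  apply();
  return () => clearInterval(timer);
}

// Wire it up when running in a browser; the ids are placeholders for this example.
if (typeof document !== 'undefined') {
  const btn = document.getElementById('reveal-btn');
  const pw = document.getElementById('password');
  if (btn && pw) attachHoldToReveal(btn, pw, createRevealController());
}
```

The pointerleave and window blur handlers are what make the control “spring back” reliably: a checkbox has no such events, so it stays in whatever state the last person left it.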
The Notes thing is a great example of poorly directed creativity. Huge teams pounding at diminishing code bases often get erratic spurts of creativity that ultimately make the overall product ‘fugly’. Instead of fixing the real problems, they just pile on more.
I think this is a perfect summary of the problems at Lotus when I was involved with them (caveat as before: some years ago). Lots of very smart people, almost all of them programmers/code hackers/hardcore geeks, with unlimited freedom to do whatever they wanted and little to no feedback from the real world. The only difference was that it wasn’t a huge team, the Notes team was relatively small.
THANK YOU for linking that site about Lotus. Oh sweet joy, how I am going to enjoy reading that.
I absolutely loathe Lotus Notes. What a piece of fantastically overcomplicated, ugly, bloated software.
I agree with the general direction of your post; a Reveal option would make password entry that much more usable. Although maybe it would make careless people more prone to revealing their passwords to overlookers.
For all those that go from computer to computer, you should try portableapps.com (must have a USB flash drive). They have all kinds of password applications. If you use KeePass, then you should try Password Safe. It has a few more options than KeePass. X-Pass lets you see what is in a password field. Believe it or not, that can be really helpful at times. I help noobies troubleshoot problems with their PC, and one of the more common problems that I get is people with SBC DSL and 2wire gateway modems. They usually can’t get past the firewall in the modem for other apps to get through to the internet, and they don’t know what the password is for the 2wire modem. It’s the same password as they use for their SBC Yahoo homepage, and a lot of times the password will auto-fill itself in at the login screen, but with asterisks. That’s when X-Pass really comes in handy.
The reading of this post was really interesting. Getting through the comments got a bit more interesting, but monotonous.
I just read these comments and while I normally don’t bother to reply to the fan-boi Apple freaks I just had to comment on the anti-MS statements made by Glen; you are a moron. You have never bothered to study history and are a drone suckling at the teat of your hive-master and evil overlord Steven Jobs.
Sound a little wacky? Well, that’s what you sound like when you make such idiotic statements as “Microsoft steals everything.” We all know Xerox invented the GUI, Apple stole it, then Microsoft stole it. Saying otherwise just makes you look foolish.
Here’s the rule: Apple fan-bois never get to say anything about anyone ever. Steven Jobs ripped off his best friend. The very first deal they did he stole from Wozniak and committed grand larceny. It’s a fact.
Legally Apple belongs to Wozniak because of that. So, the next time you want to bitch about Microsoft stealing anything remember your boy Steven Jobs lied, cheated, and stole from his good buddy, Steve Wozniak.
LOL I always get “orange” too, I thought it was a joke!
There are many people who would be screwed by the reveal option: people in dorms, public users who don’t know much yet, people with roomies and family members who have a high level of curiosity or prankish nature, people who must send the PC away to be fixed, and I am sure others too. So if this is implemented I would want it off by default for sure! And I would want a few of the other safeguards mentioned as possibilities in place too.
My two cents.
Stars for password entry is one of the worst ideas ever.
If you are too stupid to tell the person looking over your shoulder to stop, then you have bigger problems.
As has been said; with complex passwords you end up having to type them into a temporary text file, copy them into the highly insecure clipboard, then paste them into the password field; if the app even allows it.
Hiding the password is one of those things that anyone that’s actually thought about it (maybe 10% of the programmer population) would have to agree is a bit idiotic, but we get shouted down by the remaining superstitious 90%. They screech, “But that’s how we’ve ALWAYS done it! It’s ‘Secure’ that way! And if we’ve always done it that way it must be right.” No, it’s not, and it’s actually LESS secure because it forces you to expose your password to multiple interfaces.