by _Adam 4651 days ago
The point to take away from this article is that remote attacks are a greater threat than local attacks, so password entry should be optimized for protecting against the former rather than the latter.

For many of us, the point is invalid because we know how to choose good passwords, and we don't need to see them in order to do so.

So instead, think about this from the perspective of the average consumer. An unobfuscated password field makes it a lot easier to use a long and complex password. If the field is hidden, users are more likely to choose something short and easy to remember, making their password vulnerable to dictionary attacks.

2 comments

Unmasked password fields would only make social engineering an easier way to get at passwords. A toggle, sure, but not as default behaviour.
Agreed.

But the default should be to mask (or not echo at all). The option to unmask should be easily available in the UI, but it would be foolhardy to make it the default.