[fb]

This guy must have been joking. The fact that HE always types his passwords alone in his office does not mean that any sane person would like a possibility that anyone ever has a chance to see his password. Apparently, some people are not always alone...

[Edinburger]

Yes, good luck to anyone in (a) an open-plan office or (b) an office with security cameras.

[mooism2]

Are the security cameras trained on the screen or the keyboard?

[eli]

Would you know?

[tezza]

And would you know if they just recorded the keys your fingers pressed?

I think Jakob is really onto something here.

[pygy]

They could record the sound of the keypresses too. They may be impossible to discriminate subjectively, but they all have a distinct signature...

[mgj]

Yep, see: http://www.cs.berkeley.edu/~zf/papers/keyboard-ccs05.pdf

[tokenadult]

"Of course, a truly skilled criminal can simply look at the keyboard and note which keys are being pressed. So, password masking doesn't even protect fully against snoopers.

"More importantly, there's usually nobody looking over your shoulder when you log in to a website."

[cruise02]

or c) at a coffee shop with wi-fi.

[ghshephard]

Different problem and solution. See: http://en.wikipedia.org/wiki/Secure_Sockets_Layer

[apgwoz]

> The fact that HE always ...

I agree with this statement entirely, but wonder if in a mobile setting, like with an iPhone if this isn't a bad idea. There have been many times where I tried to look over at someones iPhone to see what they were doing and simply couldn't see. I'm talking as close as 2 feet away.

And since I know how annoying it can be to type passwords on my iPod Touch, I could see the value of this--but only on devices with very small screens, and WITHOUT any sort of auto-fill from the browser. Of course, it should be an opt-in sort of setting. No vendor should decide your fate when it comes to security decisions like this.