|
|
|
|
|
|
by fcr
6199 days ago
|
|
|
not having someone look at your password over your shoulder is a requirement What I say is that sometimes this is not a requirement even if the website offers a login feature. I guess that for my online mail client I would prefer to have a masked password field. Now for my account at an online rss reader I actually don't care that much because there is nothing to protect (at least in my opinion) and no value for someone to steal and remember my password. Maybe however I still want to be protected against someone on the web who happens to have the same name as I do and wants to steal my account... However the probability for this guy to be over my shoulder is quite low. Maybe this is all a question of personal interest. Some users will prefer usability over security while others will prefer the opposite no matter the application. If this is the case then I would vote for having the option to toggle between one and the other... |
|
|
So in essence if you leave a password field open then your potentially exposing the "global" password of your user to anyone walking past. That seems an even bigger consideration than just exposing the pass to your site. Your taking away any security the user expects when typing a password in :)