The Dramatic Password Reveal

As far back as I can remember-- which admittedly isn't very far-- GUI toolkits have included a special type of text entry field for passwords. As you type, the password field displays a generic character, usually a dot or asterisk, instead of the character you actually typed.

I've criticized the login dialog before, but I definitely understand the need to obfuscate password entry, even if you're using fancy two-factor authentication with smart cards and the like. If password entry was treated as plain old text entry, you'd reveal your password (or PIN code) to anyone who casually happened to be looking at the screen while you're typing. So instead of seeing:

**************

Everyone in your meeting or presentation would instead see:

IHeartBunnies!

Which would be sort of traumatic on several levels. Not to mention the security implications.

I can't talk about login dialogs without bringing up one in Lotus Notes 6.0. Like everything else in Notes, it's a massive trainwreck.

This dialog box contains several security "features":

animated Lotus Notes 6.0 login dialog

  • The hieroglyphics on the left of the dialog box are supposed to distract anyone who is peering over your shoulder trying to learn your password as you type.
  • The number of characters you type is hidden; a random number of X's appear instead of one asterisk per character.

Is any of this nonsense really necessary? If I want to learn someone's password as he or she types it, I will look at the keyboard, not the screen!

I actually had to use that exact login dialog for my job at the time, and I can tell you from personal experience exactly how mind-bendingly, appallingly awful it truly was. Who reinvents a perfectly standard dialog-- and makes it so much worse? On second thought, perhaps "how can we make this worse?" was the design goal for Notes. It certainly felt that way while I was using it.

But I digress. As much as we worry about password obfuscation, at least one dialog in Vista bucks this long-standing GUI trend. Specifically, the dialog where you enter your wireless network password.

Display characters checkbox for wireless configuration dialog

Checking the "display characters" checkbox overrides the password obfuscation and reveals the password. At first I was appalled. Reveal my password? Imagine the security implications! The chutzpah of Microsoft's developers, putting my password at risk in such a careless, haphazard manner! What were they thinking?

I'm guessing they implemented the reveal option here because network passwords can be unusually long and complex-- and troubleshooting network connectivity is difficult enough even without factoring in the inevitable password typos. But are network passwords really so different from any other type of password? After using this dialog a few times, I began to see how useful the reveal password option truly was. If you think you've made a mistake entering your password, tick the reveal box and find out. It's quite a time saver compared to typing in your password in blindly two, three, or even four times before getting it right. I don't know about you, but that happens to me at least a few times a day on average.

I've come full circle. I now think the password reveal option should be available on all login dialogs.

It's awfully convienient, and it doesn't seem particularly risky to me. Nobody leaves their password typed in and waiting to be revealed on the login screen. If you're in a public place, you simply refrain from using the reveal option. But at home or in a private work area, why not opt to reveal your password? Traditional GUI password obfuscation is a nice convention, but it's not the alpha and omega of password security. Far from it. If criminals really want to get your password, they'll be watching your fingers on the keyboard or using keylogger hardware.

Related posts

There is no longer any such thing as Computer Security

There is no longer any such thing as Computer Security

Remember “cybersecurity”? Mysterious hooded computer guys doing mysterious hooded computer guy... things! Who knows what kind of naughty digital mischief they might be up to? Unfortunately, we now live in a world where this kind of digital mischief is literally rewriting the world’s history. For proof of that, you

By Jeff Atwood ·
Comments
Hacker, Hack Thyself

Hacker, Hack Thyself

We’ve read so many sad stories about communities that were fatally compromised or destroyed due to security exploits. We took that lesson to heart when we founded the Discourse project; we endeavor to build open source software that is secure and safe for communities by default, even if there

By Jeff Atwood ·
Comments
Let’s Encrypt Everything

Let’s Encrypt Everything

I’ll admit I was late to the HTTPS party. But post Snowden, and particularly after the result of the last election here in the US, it’s clear that everything on the web should be encrypted by default. Why? 1. You have an unalienable right to privacy, both in

By Jeff Atwood ·
Comments

Welcome to The Internet of Compromised Things

This post is a bit of a public service announcement, so I'll get right to the point: > Every time you use WiFi, ask yourself: could I be connecting to the Internet through a compromised router with malware? It's becoming more and more common to see

By Jeff Atwood ·
Comments

Recent Posts

Stay Gold, America

Stay Gold, America

We are at an unprecedented point in American history, and I'm concerned we may lose sight of the American Dream.

By Jeff Atwood ·
Comments
The Great Filter Comes For Us All

The Great Filter Comes For Us All

With a 13 billion year head start on evolution, why haven’t any other forms of life in the universe contacted us by now? (Arrival is a fantastic movie. Watch it, but don’t stop there – read the Story of Your Life novella it was based on for so much

By Jeff Atwood ·
Comments
I Fight For The Users

I Fight For The Users

If you haven’t been able to keep up with my blistering pace of one blog post per year, I don’t blame you. There’s a lot going on right now. It’s a busy time. But let’s pause and take a moment to celebrate that Elon Musk

By Jeff Atwood ·
Comments
The 2030 Self-Driving Car Bet

The 2030 Self-Driving Car Bet

It’s my honor to announce that John Carmack and I have initiated a friendly bet of $10,000* to the 501(c)(3) charity of the winner’s choice: By January 1st, 2030, completely autonomous self-driving cars meeting SAE J3016 level 5 will be commercially available for passenger use

By Jeff Atwood ·
Comments