Text only | Text with Images

Networking-Forums.com

General Category => Blogs of Interest and Note => Topic started by: Netwörkheäd on July 19, 2017, 12:03:26 PM

Title: Schneier- Password Masking
Post by: Netwörkheäd on July 19, 2017, 12:03:26 PM
Password Masking

Slashdot asks if password masking -- replacing password characters with asterisks as you type them -- is on the way out. I don't know if that's true, but I would be happy to see it go. Shoulder surfing, the threat is defends against, is largely nonexistent. And it is becoming harder to type in passwords on small screens and annoying...
   
   

Slashdot asks if password masking -- replacing password characters with asterisks as you type them -- is on the way out. I don't know if that's true, but I would be happy to see it go. Shoulder surfing, the threat is defends against, is largely nonexistent. And it is becoming harder to type in passwords on small screens and annoying interfaces. The IoT will only exacerbate this problem, and when passwords are harder to type in, users choose weaker ones.


Source: Password Masking (//)
Title: Re: Schneier- Password Masking
Post by: dlots on July 19, 2017, 01:18:55 PM
I think it should be optional, I do way to much skype/webex stuff to want to take away password masking.

Personally I would prefer a 2 factor auth method, a simple password and hit an app built into the browser that puts in the 2ed part of the authentication.
Title: Re: Schneier- Password Masking
Post by: deanwebb on July 19, 2017, 01:29:49 PM
When I type in a complicated password and make a mistake on the 21st of 24 characters, I can never be sure it was EXACTLY that character... so I have to backspace back to the start and try again. Being able to see my password would be great there.

On the other hand, screen shares with vendor TAC... do I need them to see my passwords? No. I do not. Keep the bullets over the characters, there. Also, there are programs where one guy enters a password for a system account to use, but the other admins of the system are not allowed to know that password. Another reason to keep the bullets.
Title: Re: Schneier- Password Masking
Post by: icecream-guy on July 19, 2017, 02:08:06 PM
in winders one can setup hot keys,  create hot key with the first 24 characters of your pass phrase, then you can manually type in the last 8.
just make the hot key come crazy combination?

Title: Re: Schneier- Password Masking
Post by: Otanx on July 19, 2017, 03:20:17 PM
Just do the masking like it is done for wifi on Windows. By default it is masked as you enter it. Then there is a check box right below the text box that says "show text". Have the best of both.

-Otanx
Text only | Text with Images