Eloy Muñoz Salinas Portfolio
  • Eloy Muñoz Salinas ///// UI-UX Expert
  • Blog
Select Page

Do we need Password Masking?

by EloyMunoz | Nov 7, 2010 | Usability | 0 comments

 

Last year, Usability guru Jakob Nielsen, published his expert opinion on an issue that I had been thinking about for a while, the need of password masking. 

I, being an advocate of password masking myself found very interesting Jakob Nielsens findings. The password masking is merely a screen protection technique, therefore, when you press enter, the password might be sent as plaintext in HTTP so the password masking wont help much security wise in this case.

Here is the deal, it is true that you need to log into websites when you have potential observers (lets say an airport, a restaurant or similar). In this cases you will feel better if nobody sees what you are typing on the screen (even though, as Jakob Nielsen says, “a truly skilled criminal can simply look at the keyboard and note which keys are being pressed”). As an alternative for users that might need the password masking, he suggests a checkbox so that people can turn on and off whenever is needed. I personally like the checkbox concept too, but not only to drive into security paranoia to some users, but also as a way to help users get used to something new.

Jakob Nielsen talks about password masking as an oppose to the basic usability principles, and that is true, but the problem here is that this has been the norm of any login on the internet so far, being right or wrong is what people are “used to” so we need to “train them” into using something new. 

The checkbox idea is a good one and I truly believe it does not add complexity to the form, I would take away the Remember Password checkbox (which is useless most of the times anyway) and visually it wont add anything that will disturb the standard look of a login. I will have the password masking checkbox checked by default so like that you don’t interfere with the user flow and whenever this one gets into trouble he/ she can uncheck the checkbox. As an additional note, I would still use the onkeydown/ onkeypress to check if Caps Lock is on and, if so, display notice (I found it always very useful, not that I ever left the Caps Lock on…).

Jakob Nielsen, also says that he noticed these usability issues with password masking. I personally find the approach from Apple (iPhone, iPad and iPod touch) quite acceptable already which is to unmask the last letter you typed, this is already a good compromise specially since people use these portable devices on the go most of the time. Well done Apple.

As the usability Guru says “Let’s clean up the Web’s cobwebs and remove stuff that’s there only because it’s always been there.”

Submit a Comment Cancel reply

Your email address will not be published. Required fields are marked *

Recent Posts

  • Blog
  • Think about your Web Design (Part I)
  • Image metadata for SEO?
  • Love music, Rdio vs. Spotify
  • Reading on the digital times.

Recent Comments

  • RaymondRak on Linking
  • DelazarulcefDure on Linking
  • Mamukcob on Linking
  • Sanchonuh on Linking
  • NasibEmasy on Linking

Archives

  • April 2019
  • June 2011
  • May 2011
  • April 2011
  • February 2011
  • December 2010
  • November 2010
  • October 2010
  • September 2010

Categories

  • Corporate
  • Design
  • Drupal
  • Ideas
  • News
  • Opinion
  • Opinions
  • Organize
  • SEM
  • SEO
  • Strategy
  • Uncategorized
  • Usability
  • Web

Basic Menu

  • Eloy Muñoz Salinas ///// UI-UX Expert
  • Blog

Meta

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org
Eloy Muñoz Salinas
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled

Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.

Non-necessary

Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.

SAVE & ACCEPT