WordPress.org

WordPress password unmask (19 posts)

  1. webvitaly
    Member
    Posted 1 year ago #

    On WordPress.com registration page password is unmasked.
    Unmasked password is very useful for user:

    • because user will avoid errors in password while typing it
    • it is easy for user to indicate if CAPS LOCK is enabled
    • it is easy to indicate if another language is turned on (popular for users in non English-speaking countries)
    • user does not have to type password twice

    Unmasked password does not increase security because there are no spies behind user while user is registering.

    It would be good for users to add the same approach into WordPress core.

  2. Unmasked password does not increase security because there are no spies behind user while user is registering.

    How do you know?

    Think about how many people do work in public places :)

  3. webvitaly
    Member
    Posted 1 year ago #

    How many users will install WordPress on public computers with unknown people behind their backs?

    But if somebody will do it he or she can simply toggle the password visibility button like on WordPress.com registration page.

    This feature is already made on WP.com and it is very useful for users. It would be good to have it in WordPress core code.

  4. Andrew
    Forum Moderator
    Posted 1 year ago #

    How many users will install WordPress on public computers with unknown people behind their backs?

    That is the question, how do you know?

  5. A toggle would be fine, defaulting to hidden. :) But still, it's not something that should be default shown.

  6. webvitaly
    Member
    Posted 1 year ago #

    @Mika: I am glad that you agreed with something :-) . Some time ago I was thinking the same - that password should be hidden. But when I saw how hard it is sometimes for users to type passwords blindly and how many errors they make I understood that unmasking password is the best solution. I am glad that this approach already works on wp.com registration form. It would be awesome to have this feature in WordPress core.

  7. My password is ⌘\ for what it's worth.

    If someone can make that a plugin, we can see how popular it is.

  8. webvitaly
    Member
    Posted 1 year ago #

    I already made a plugin which unmasks password :) And it is not popular.

    But IMHO we should not rely on users opinion in this case.

    As Henry Ford said:

    If I'd asked my customers what they wanted, they'd have said a faster horse.

    It is better to rely on professionals in usability.
    As Jakob Nielsen said:

    Usability suffers when users type in passwords and the only feedback they get is a row of bullets. Typically, masking passwords doesn't even increase security, but it does cost you business due to login failures.

  9. I love Jakob, but he's right and he's wrong. Also, read all of what he said:

    Yes, users are sometimes truly at risk of having bystanders spy on their passwords, such as when they're using an Internet cafe. It's therefore worth offering them a checkbox to have their passwords masked; for high-risk applications, such as bank accounts, you might even check this box by default. In cases where there's a tension between security and usability, sometimes security should win.

    So is WordPress high risk? Not in and of itself, no. Is there a high likelihood someone will use the same password on all their Internet accounts? Yes. Can I hack your domain with your WP password? Yes.

    If I have the admin password to your WP account, I can tweak a plugin to read your config file, get the SQL password, and merrily destroy your server. So yeah, hide the dang password! It's safer.

    WordPress.com doesn't let you mess with SQL so it's safer.

  10. webvitaly
    Member
    Posted 1 year ago #

    Ok, I got your point.

    Let's assume that there is a button for toggling password visibility.
    Let's assume that there are about 5% (I would fairly say 1%, but let it be 5%) who work on public computers. And 95% work at private computers (work or home). And you are trying to say that it is better for that 95% to click button to unmask the password field than just for 5% to click to mask? IMHO it is not right and it will not increase security. But if you think so I will not argue about it any more.

    I started this discussion because I think it is important and it would be useful for users.
    It would be great to have toggle password visibility button in the WordPress core because in some cases it is impossible to make via plugins.

  11. It would be great to have toggle password visibility button in the WordPress core because in some cases it is impossible to make via plugins.

    Except in this case it's not :)

    http://wordpress.org/extend/plugins/wordpress-show-password/

    Does that too.

    And you are trying to say that it is better for that 95% to click button to unmask the password field than just for 5% to click to mask?

    Yes.

    I work for a WebHost. I see, first hand, how stupid, insecure, and oblivious people are. If I can reduce that by hiding passwords by default and making them work to show 'em, you bet your bippy I will :)

  12. Aaron D. Campbell
    Member
    Posted 1 year ago #

    Just thought I'd weigh in here with my 2¢.

    First, if your main goal is to help people that accidentally have capslock on, just use a little JS to warn them. Something like this should do the trick (although this could be rewritten to not require jQuery on the login page):

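    // keypress reports a character code; jQuery normalizes it into e.which
    // (e.keyCode is 0 for printable keys in some browsers).
    jQuery('#user_pass').keypress( function(e) {
    	// Uppercase letter without Shift, or lowercase letter with Shift: Caps Lock is on
    	if ( ( e.which >= 65 && e.which <= 90 && !e.shiftKey ) ||
    	     ( e.which >= 97 && e.which <= 122 && e.shiftKey ) )
    		console.log('Capslock is ON - Display warning');
    	else
    		console.log('Capslock is OFF - Hide warning');
    });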

    You also said "How many users will install WordPress on public computers...". The question isn't about installation, it's about where a user will log in from. I often log in at friends' houses, public places like my son's school, and even when giving a talk at conferences (where my screen is blown up on the big screen for all to see).

    Additionally, you said that 95% of people would click the switch to show the password. I'm assuming that's a made up stat based solely on how you feel, because that seems really far off. Not everyone that *could* safely show their password *would*. This brings me to my last point.

    I'm one of those people that *could* show my password pretty often, but never *would*. There would be no benefit there. If you're doing security right, you should be using a password manager anyway, which fills it in for you. Other than that, I'd hate to display a password only to find myself in a situation where I'm typing in my password when someone is around and didn't realize I had previously checked the box and now my password is visible.

    In the end, if you have a user base that needs this, pointing them to your plugin seems like a great solution. However, I definitely think this is plugin territory and not something that should be in core.
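
Added example, not part of the posts above or of WordPress core: a jQuery-free version of the Caps Lock check from post 12, combined with a show/hide toggle that starts masked and re-masks on submit so a forgotten "show" setting cannot expose the next login. `#user_pass` is the field id used in the post; the `caps-warning` and `toggle-pass` ids and both function names are assumptions made for this example.

```javascript
// Added example. Returns true (on), false (off) or null (cannot tell).
function capsLockState(e) {
  // Modern browsers expose the real modifier state on keyboard events.
  if (typeof e.getModifierState === 'function') {
    return e.getModifierState('CapsLock');
  }
  // Fallback: the character-code heuristic from the post, valid only for
  // keypress (keydown/keyup carry key codes, not character codes).
  if (e.type !== 'keypress') return null;
  const code = e.which || e.keyCode || e.charCode || 0;
  const shift = Boolean(e.shiftKey);
  const upper = code >= 65 && code <= 90;
  const lower = code >= 97 && code <= 122;
  if (!upper && !lower) return null; // digits, symbols, non-Latin layouts
  return (upper && !shift) || (lower && shift);
}

// Masked by default; revealing is always an explicit user action.
function makeMaskToggle(input) {
  input.type = 'password';
  return {
    toggle() {
      input.type = input.type === 'password' ? 'text' : 'password';
      return input.type;
    },
    hide() { input.type = 'password'; },
  };
}

// Browser wiring (skipped when there is no DOM).
if (typeof document !== 'undefined') {
  const pass = document.getElementById('user_pass');      // id from the post
  const warn = document.getElementById('caps-warning');   // hypothetical id
  const button = document.getElementById('toggle-pass');  // hypothetical id
  if (pass && warn && button) {
    const mask = makeMaskToggle(pass);
    const update = (e) => {
      const state = capsLockState(e);
      if (state !== null) warn.hidden = !state;
    };
    ['keydown', 'keyup', 'keypress'].forEach((t) => pass.addEventListener(t, update));
    button.addEventListener('click', () => mask.toggle());
    // Never leave the field revealed once the form has been sent.
    if (pass.form) pass.form.addEventListener('submit', () => mask.hide());
  }
}
```

The fallback only recognises Latin letters, so on other keyboard layouts it reports "cannot tell" rather than guessing.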

  13. webvitaly
    Member
    Posted 1 year ago #

    CAPSLOCK is not the only problem while typing password blindly. There are also: another language could be enabled, or user was interrupted while typing the password (and now should start to type again), or user could make mistype error on long password, etc.

    I definitely think this is plugin territory and not something that should be in core

    Login form could be changed with plugins. But registration form could not.

  14. Andrew
    Forum Moderator
    Posted 1 year ago #

    You could do that mobile phone thing where it briefly shows you the letter you type (per letter) in a password field.

  15. webvitaly
    Member
    Posted 1 year ago #

    @Andrew Navins: how can I do that thing with password like on mobile phones?

  16. Andrew
    Forum Moderator
    Posted 1 year ago #

  17. webvitaly
    Member
    Posted 1 year ago #

    @Mika Epstein: By the way, on WordPress installation process the password to database is unmasked, but the password for new username is masked and user should enter it blindly twice. IMHO it is not logical.
    Do you think that password for database should be masked too or password for user should be unmasked?

  18. ReneODeay
    Member
    Posted 1 year ago #

    this was great discussion, found a couple plugins I can use on my localhost installs. using MAMP. can't tell you how many WP installs I have lost the passwords for, this will be so useful. one computer blew the harddrive, and tho I had a full backup the passwords did not work on the restores. just had to delete them and start over, but with the show the password plugins.... well, that'll save a lot of future experiments and time.
    So thanks.

  19. RankPowerSEO
    Member
    Posted 1 year ago #

    Ipstenu -

    I work for a WebHost. I see, first hand, how stupid, insecure, and oblivious people are. If I can reduce that by hiding passwords by default and making them work to show 'em, you bet your bippy I will :)

    I agree.

    At the end of the day, if someone is installing a blog on a public computer then they have much larger issues at hand. :)

Topic Closed

This topic has been closed to new replies.
