Comments on: Terrible Password Security Advice From Jakob Nielsen

By: Alex Burke

Alex Burke — Wed, 29 Jun 2011 21:21:37 +0000

If we want users to start using longer passwords, there will be more typos, and making the PW probably doesn’t accomplish much, except guard against video signal interception from 500 feet away.

By: Malik

Malik — Fri, 04 Feb 2011 05:15:46 +0000

Well, you could let the users decide if they want their password inputs, masked or not. May be via a checkbox that is always off(masking enabled) by default.

Anywhoo, nice post thank you.

By: Acerca del Password Masking (enmascaramiento de passwords) | El Blog de Rene Silva

Sat, 27 Nov 2010 20:57:48 +0000

[...] colocar tu password no significa que esté mal enmascarar los passwords”.Acá las respuestas:Terrible Password Security Advice From Jakob NielsenSecurity Experts Argue over Dropping Password Masking ProposalResponse to Nielsen’s [...]

By: Pravas R Mohanty

Pravas R Mohanty — Fri, 17 Sep 2010 10:58:43 +0000

If need a password , I can easily trap the key by agent hooking..

By: Pravas R Mohanty

Pravas R Mohanty — Fri, 17 Sep 2010 10:43:10 +0000

It should be NULL or any password

By: SayWhatMobius

SayWhatMobius — Tue, 11 May 2010 18:22:22 +0000

After reading Mobius’ reply, I am left scratching my head. Yet another example of someone who thinks they have a clue, yet really don’t. I would rather support 5k users locking their accounts out due to password mistakes rather than risk just one of them compromising their account by typing a password in during a presentation or similar. Supporting locked out accounts is better than trying to deal with compromised data, especially on an enterprise level.

That 100 hours you spent studying the web and security were wasted.

By: zithromax dosage

zithromax dosage — Thu, 24 Dec 2009 00:16:59 +0000

Valuable thoughts and advices. I read your topic with great interest.

By: Klaus Johannes Rusch

Klaus Johannes Rusch — Thu, 23 Jul 2009 07:55:48 +0000

The checkbox to reveal the password may be a reasonable compromise for those having difficulty typing passwords, but not as the default.

For Websites that don’t offer an option to reveal passwords (most) there are simple JavaScript solutions.

By: Pharrisee

Pharrisee — Fri, 03 Jul 2009 00:51:47 +0000

One thing to bear in mind with Jakob Nielsen is that unless he keeps finding usability issues his income stream shrinks pretty darn quick.

By: Twitted by sahate

Twitted by sahate — Tue, 30 Jun 2009 09:15:57 +0000

[...] This post was Twitted by sahate [...]