ansaurus

Question

Answer 1

A:

If I may, I don't think it's a great idea to show the password in text, for the following reasons:

It's not commonly done, so it will be confusing to the user
It means you are open to over-the-shoulder viewing of the password

I also think, if you just want to help users avoid typos, give them more chances before the password is disabled. I think the typical "3" that most sites implement is not really required, I'd suggest "10" attempts, or perhaps "5", if you wish to be really conservative, is quite acceptable. Just count it down for them, and let them resolve typos on their own.

Just my humble opinion.

Noon Silk 2009-09-05 11:53:20

By default the password is hidden, of course. If user is clicking the link labeled "Show me the letters what I just typed into that password field because I am not sure that I typed them right", chances are high that he understands what he is doing and he knows what will happen next :)

n1313 2009-09-05 11:57:49

Even still, it feels wrong to me. Each to his own though.

Noon Silk 2009-09-05 11:58:50

Even programs where security is very important like TrueCrypt and password safe have features for enabling the password to be shown. Especailly in situations where the user could be using a very long or complex password/passphrase, being able to see the password can be a very good feature. I agree with N1313 that the person clicking on it would must likely check for shoulder surfers before clicking on the button to reveal the password.

Kibbee 2009-09-05 12:19:35

Kibbee: I don't disagree. Each to his own.

Noon Silk 2009-09-05 12:29:43

Instead of limiting the number of responses, you could add a sleep for 2-3 seconds before responding that the password is wrong. It's a very tolerable wait for a human, but it greatly reduces the efficiency of any attempts to brute force the password.

Guffa 2009-09-05 12:42:37

Answer 2

+2 A:

You can do something like this:

<input type="password" id="password">
<input type="checkbox" onchange="document.getElementById('password').type = this.checked ? 'text' : 'password'"> Show password

Gumbo 2009-09-05 11:55:39

It works! Unbelievable. It seems that my problem was in jQuery that I am using. By some reason it did not allow me to do this trick.

n1313 2009-09-05 12:10:51

this will most likely not work correctly in IE

code_burgar 2009-09-05 12:20:29

More than likely. I have confirmed that it doesn't work at all in IE.

Guffa 2009-09-05 12:36:03

Answer 3

+1 A:

I have never tried this myself but can't you just access the value property of the element?

if you have something like...

<input id="pw" name="pw" type="password" />

Then in JavaScript / jQuery...

var pass = document.getElementById('pw').value;

$('pw').val()

Fraser 2009-09-05 11:57:03

See: http://www.w3schools.com/htmldom/dom_obj_password.asp

Fraser 2009-09-05 11:58:10

Wait, what. I am pretty sure that I tried this before posting the question and it didn't work out, but now it does. WTF. Needs more checking!

n1313 2009-09-05 12:05:02

ansaurus

tags:

views:

answers:

"Show password as text" control

related questions