My friend Dave C over at Djinn Software forwarded me Jakob Nielsen's Alertbox for today and it got me thinking. Since I can't comment on the Alertbox directly (hate that!) I figured it was worth a blog post.
Jakob Nielsen contends that password masking is poor usability. You know when you enter your password and get the little asterisk symbols instead of being able to see what you're actually typing? That's what he means by password masking. I disagree.
Jakob Nielsen writes:
"Generally, I recommend adhering to conventions. Do what users expect, and they can concentrate their brainpower on understanding your products and offers instead of struggling with the user interface.
But password masking and Reset buttons are not something users actively seek out. Losing these features won't cause confusion, nor will their replacements: the new features will simply be clear text (in the first case)..."
Why do I disagree? Password masking might not be necessary from a security perspective but it IS what users expect. And to remove the masking and make the password visible...well I think that would raise concerns from all sorts of people questioning whether the site was secure.
I have occasionally seen sites/applications give the user the option of displaying real characters instead of asterisks. But the default is always to mask the password and let the user decide.
I can see the issue with password error on mobile devices. The iPod Touch does a good job of briefly showing you the character and then converting it to an asterisk. So you know if you've made a mistake before you hit enter.
The Alertbox seems to indicate that even on desktops users make mistakes and that leads to feeling less confident, using simple passwords, or cutting/pasting passwords from a file. If I could comment directly on the article I'd ask if that conclusion is from actual user testing or not. It seems to me that password masking is so commonplace the majority of people know exactly what it means and how to use it.
It's an interesting Alertbox but at this point I won't be recommending any changes to password masking on sites I work on.
that is nice and its so awesome from some one can get helpfull from it.
Posted by: UGGS Sale | November 15, 2011 at 10:04 PM