[Python-ideas] Password masking for getpass.getpass

Chris Angelico rosuav at gmail.com
Wed Jan 13 05:19:41 EST 2016


On Wed, Jan 13, 2016 at 9:04 PM, Steven D'Aprano <steve at pearwood.info> wrote:
> On Wed, Jan 13, 2016 at 01:22:02PM +1100, Chris Angelico wrote:
>> On Wed, Jan 13, 2016 at 1:17 PM, Oleg Broytman <phd at phdru.name> wrote:
>> > Hi!
>> >
>> > On Wed, Jan 13, 2016 at 12:54:14PM +1100, Steven D'Aprano <steve at pearwood.info> wrote:
>> >> The old convention on Linux and Unix is to just suppress all feedback,
>> >> but even on Linux GUI applications normally show bullets • or asterisks.
>> >
>> >    Modern GUIs show the real character for a short period of time and
>> > then replace it with an asterisk.
>>
>> Ugh. I've only seen that on mobile devices, not on any desktop GUI,
>> and I think it's a sop to the terrible keyboards they have. I hope
>> this NEVER becomes a standard on full-sized computers with real
>> keyboards.
>
> I don't know... I'm about 35% convinced that obfuscating the password is
> just security theatre. I'm not sure that "shoulder surfing" of passwords
> is a significant threat.
>
> But the other 65% tells me that we should continue to obfuscate.

In some situations it's absolutely appropriate to not hide the
password at all. (A lot of routers let me type in a wifi password
unobscured, for instance.) But if you're doing that, then just keep
the whole password visible, same as if you're asking for a user name.
Don't show the one last-typed character and then hide it.

You're quite probably right that obfuscating the display is security
theatre; but it's the security theatre that people are expecting. If
you're about to enter your credit card details into a web form, does
it really matter whether or not the form itself was downloaded over an
encrypted link? But people are used to "look for the padlock", which
means that NOT having the padlock will bother people. If you ask for a
password and it gets displayed, people will wonder if they're entering
it in the right place.

That said, though, I honestly don't think there's much value in seeing
the length of a password by the number of asterisks. Have you ever
looked at them and realized that you missed out a letter? But again,
they're what people expect...

ChrisA
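The three feedback policies the thread contrasts (no feedback at all, one asterisk per character, or the password fully visible the way a router's wifi-key field shows it) can be written as one small getpass-style reader. The following is an added example; it is not code from the thread, from CPython's getpass module, or from any proposal in the thread. The function names (read_masked, prompt_password) and the parameters (mask, echo) are this example's own. The keystroke loop is kept separate from the terminal setup so it can be exercised against in-memory streams; the interactive wrapper assumes a POSIX tty and falls back to getpass.getpass elsewhere.

```python
"""Added example: a getpass-style prompt with an explicit feedback policy.

  mask=None, echo=False -> no feedback at all (classic Unix behaviour)
  mask="*"              -> one "*" per character, like most GUI dialogs
  echo=True             -> the real characters, fully visible

It deliberately never does "show the last character, then hide it": a
character is either always shown (echo) or never shown (mask / nothing).
"""
import sys

BACKSPACES = ("\x7f", "\b")   # DEL from most terminals, BS from a few
ENTERS = ("\n", "\r")


def read_masked(reader, writer, mask=None, echo=False):
    """Read one password from `reader` a character at a time until Enter or EOF.

    Feedback written to `writer`:
      echo=True -> the character itself
      mask set  -> the mask character
      otherwise -> nothing
    A backspace removes the last character and, when any feedback was shown,
    erases its glyph with "\b \b".  Returns the entered password as a str.
    """
    chars = []
    while True:
        ch = reader.read(1)
        if ch == "" or ch in ENTERS:       # EOF or Enter ends the entry
            break
        if ch in BACKSPACES:
            if chars:                      # nothing to erase on an empty entry
                chars.pop()
                if echo or mask:
                    writer.write("\b \b")  # wipe the last feedback glyph
            continue
        chars.append(ch)
        if echo:
            writer.write(ch)
        elif mask:
            writer.write(mask)
    writer.write("\n")                     # end the line regardless of policy
    writer.flush()
    return "".join(chars)


def prompt_password(prompt="Password: ", mask=None, echo=False):
    """Interactive wrapper: cbreak-mode read on a POSIX tty.

    Outside a POSIX tty (pipes, Windows) it defers to getpass.getpass, which
    gives the no-feedback behaviour only.
    """
    if sys.platform == "win32" or not sys.stdin.isatty():
        import getpass
        return getpass.getpass(prompt)
    import termios
    import tty
    fd = sys.stdin.fileno()
    saved = termios.tcgetattr(fd)
    sys.stdout.write(prompt)
    sys.stdout.flush()
    try:
        # cbreak: per-keystroke reads and no kernel echo, but Ctrl-C and
        # output newline translation keep working (unlike full raw mode).
        tty.setcbreak(fd)
        return read_masked(sys.stdin, sys.stdout, mask=mask, echo=echo)
    finally:
        termios.tcsetattr(fd, termios.TCSADRAIN, saved)


if __name__ == "__main__":
    # Try each policy interactively; the returned value is the same in all three.
    pw = prompt_password("No feedback: ")
    pw2 = prompt_password("Asterisks: ", mask="*")
    pw3 = prompt_password("Visible: ", echo=True)
    print("lengths entered:", len(pw), len(pw2), len(pw3))
```

Because read_masked takes plain file-like objects, the exact bytes a user would see for each policy can be checked offline with io.StringIO, which is also a convenient way to confirm that backspace handling never leaks a previously typed character back onto the screen.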