Open Bug 662222 Opened 14 years ago Updated 2 years ago

Provide a way for the user to see/edit the text in a password field without it being replaced by the placeholder dots

Categories

(Core :: Layout: Form Controls, enhancement)

People

(Reporter: briansmith, Unassigned)

Details

(Keywords: ux-efficiency, ux-error-prevention)

+++ This bug was initially created as a clone of Bug #662220 +++

Editing passwords in a form is complicated by the fact that the passwords are obscured as dots to make shoulder surfing more difficult. I have noticed that some people (me included) often paste a password into the address bar and/or the search box in order to read and edit it, but this is not safe:

1. If you paste your password into the search box, then auto-suggest will result in your password being sent to the default search engine in the clear (usually Google), exposing it to the search engine provider and any man-in-the-middle.
2. The same thing would happen in the address bar, if/when search suggestions are available there. E.g. if the Twitter address bar extension implemented auto-complete, any passwords that start with "#" or "@" would get sent in the clear to Twitter.

Besides being unsafe, it is inefficient. It would be better to give the user the option of showing the actual text of the password field instead of the placeholder dots, though the placeholder dots should be the default.

Presumably we want a context-menu item specific to password fields for "Show Password" (and conversely Hide Password, or make it checked menuitem?).

Not sure what the best way to hold state is... We could make it a CSS property (-moz-obscure-password), or make it only accessible to chrome (QI the field to something, twiddle a property). I'd tend to think the latter -- I don't know of a good reason to expose this capability to content (not that it's likely to be much of a security issue). I suppose we could also just flip the type from "password" to "text", but I'd rather not mess with content (that could also confuse the password manager).

Couple of other random thoughts:

* When the password is exposed in the clear, should selecting and copying it copy the plaintext value or "*****" as it does right now? Seems like it should copy the plaintext value.
* Should an exposed password be styled differently than a normal text field?
* Some people will likely freak out that this allows someone to walk up, start to log in to a site and then reveal your password. (We get this all the time for the password manager list in prefs). I think I don't care, though. :)

There is an extension that does this kind of thing: https://addons.mozilla.org/en-us/firefox/addon/show-my-password/
Windows 8 has a little "show my password" icon within password fields that only shows the password while you're holding down the button. Something like that would be nice to have in Firefox. At the moment, I just use the devtools inspector to change the type of the password field from "password" to "text", which makes the password visible.

http://www.uxcandy.net/wp-content/uploads/2012/09/windows8-showpassword.jpg
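
The hold-to-reveal behaviour described in the comment above, sketched as page script that flips the field type while a button is held and restores the dots on release, loss of focus, form submit or a timeout. This is an added example, not code from this bug or from Firefox; `attachHoldToReveal` and `maxRevealMs` are hypothetical names, and as an earlier comment notes, changing the type from content may confuse the password manager.

```javascript
// Added example (not Firefox code). attachHoldToReveal and maxRevealMs are
// hypothetical names. `field` is an <input type="password">, `button` is the
// "show my password" control placed next to it.
function attachHoldToReveal(field, button, maxRevealMs = 5000) {
  if (field.type !== "password") {
    throw new TypeError("field must be an input of type password");
  }
  let timer = null;

  // Return to the obscured default and cancel any pending safety timer.
  const hide = () => {
    if (timer !== null) {
      clearTimeout(timer);
      timer = null;
    }
    field.type = "password";
  };

  // Reveal only while the button is held.
  const show = () => {
    hide();
    field.type = "text";
    // Safety net: re-obscure even if the release event never arrives
    // (for example, the pointer is released outside the window).
    timer = setTimeout(hide, maxRevealMs);
  };

  button.addEventListener("pointerdown", show);
  // Any of these means the user is no longer deliberately holding the button.
  for (const type of ["pointerup", "pointerleave", "pointercancel", "blur"]) {
    button.addEventListener(type, hide);
  }
  // Never submit the form while the field is in the revealed state.
  if (field.form) {
    field.form.addEventListener("submit", hide);
  }

  return { hide, isRevealed: () => field.type === "text" };
}
```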
Severity: normal → S3