Reveal typed password characters to users during login #6305
Comments
|
I know two variants of this eye button:
I think the 2nd variant is more secure. Would it be sufficient? |
|
I would suggest to implement this feature after #5528 has been finished, because PrimeFaces 10 (we currently still use version 8) introduced a |
I'm fine with both options, with a slight preference for the first variant as it seems more comfortable to use and I don't expect any regular onlookers in the first place. But there may be other scenarios where screen security is more important. |
Thank you for pointing this out. Your suggestion is quite reasonable. |
|
The changes proposed here should also be applied to the respective fields in the dialog box to change a user's password. |
Is your feature request related to a problem? Please describe.
On the login screen, the password field obfuscates the entered characters. This is good for scenarios, where possible bystanders could read a password while it is typed in. But it makes it harder for users to type passwords as they cannot check for possible typos.
Describe the solution you'd like
It is considered good practice to have a small eye-button at the end of the password field. Clicking that button allows users to switch from a obfuscated password display to a clear display on the entered characters. Users can control this depending on the situation (are they alone in their office) and their need for typo-checking.
Describe alternatives you've considered
Copy-pasting passwords is cumbersone and error-prone on its own.
Additional context
Apparently their are bigger issues(#456) concerning handling of passwords in Kitodo but this is out of scope here. This issue is only concerned with the display of passwords towards users in the login form.
The text was updated successfully, but these errors were encountered: