After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 667370 - Wifi password dialog should show the password in clear text by default
Wifi password dialog should show the password in clear text by default
Status: RESOLVED OBSOLETE
Product: gnome-shell
Classification: Core
Component: general
3.24.x
Other Linux
: Normal normal
: ---
Assigned To: gnome-shell-maint
gnome-shell-maint
Depends on:
Blocks:
 
 
Reported: 2012-01-05 17:15 UTC by Jean-François Fortin Tam
Modified: 2021-07-05 14:40 UTC
See Also:
GNOME target: ---
GNOME version: ---



Description Jean-François Fortin Tam 2012-01-05 17:15:06 UTC
In 3.2, the option to show what you're actually typing in as the wifi password is gone.

Not only is this a usability regression, I would argue that the password should actually not be masked at all by default (or that the state of the "Show password?" toggle be remembered).

My guess is that the feature removal in 3.2 was an attempt at enforcing hiding wifi passwords from people looking at your screen. However, as I understand it this provides no actual security:

- If you're at home, the only people looking at your screen would either be family members or friends. You probably gave them the password a dozen times already. If you cannot trust them with access to your wifi, you may have a social problem here :)
- If you are connected to a projector in a conference... everybody knows the conference's wifi password. And the password auth dialog should be on your main screen, not on the projector, anyway.
- If you are in a coffee shop, the password is, again, public.
- Etc.

I can't think of a case where you actually need to visually protect your password. This is not your machine login or email account password!



On the other hand, I can think of many reasons why you actually do want to see the password in clear text by default:

- You are using a keyboard layout that does not match the keys physically etched onto the keyboard. Easy example: Dvorak.

- The passhrapse is a stupidly long and complex one, prone to typos. Like "3589709129051348972369837145987234" or "Hey stop looking at my screen!!!!1". I'm not exagerating, I see that kind of stuff regularly.

- You're using a tiny onscreen keyboard and you are never sure whether or not you pressed the right letter. No, showing the last letter for one second doesn't work either from the accessibility or security standpoint.

- You have a motor disability or dyslexia (or some other accessibility problem) that makes you prone to misstype.
Comment 1 Lionel Dricot 2012-01-05 17:22:28 UTC
I wholeheartedly agree with that request. In Belgium, some providers give you Wifi router with stupidly long passphrase and no way to change them.
Comment 2 Giovanni Campagna 2012-01-05 17:24:21 UTC
Right click / long press the entry, click "Show text".
Comment 3 Jean-François Fortin Tam 2012-01-05 17:28:05 UTC
Right-clicking is not discoverable (hell, I'm a geek and never ever thought of that, my family or friends certainly wouldn't). 

Even then, I'm arguing for not obfuscating wifi passwords by default anyway.
Comment 4 Giovanni Campagna 2012-01-05 18:01:18 UTC
Well, it's a password, people expect it to be hidden, even if we all know it means nothing.
In any case, up to the designers to decide.
Comment 5 Felipe Erias Morandeira 2012-03-01 11:27:24 UTC
Jakob Nielsen suggested to stop masking passwords some time ago. His argument is that usability suffers when users type in passwords and the only feedback they get is a row of bullets. Typically, masking passwords doesn't even increase security because snooping is a non-issue in most cases, and also because it leads users to employ overly simple passwords to reduce the chance of error.

Users are sometimes truly at risk of having bystanders spy on their passwords, so it's worth offering them a checkbox to have their passwords masked. For high-risk applications (obviously not the case of the wifi password), this box may be checked by default.

http://www.useit.com/alertbox/passwords.html

I support to show the password in clear by default and provide a checkbox to optionally hide it.
Comment 6 Travis Reitter 2012-10-30 17:48:18 UTC
(In reply to comment #0)
> I can't think of a case where you actually need to visually protect your
> password. This is not your machine login or email account password!

I think some conferences (though, rarely) provide a separate WiFi network for speakers to hopefully give them a better chance of having a usable network for demos. Of course, the speaker could type in the password and connect before presenting in most cases, or we could just have a "hide password" checkbox that's unchecked by default. Then we could even handle the case where someone is demoing the capability but doesn't want to expose the network password.

(In reply to comment #5)
> I support to show the password in clear by default and provide a checkbox to
> optionally hide it.

Sounds good to me.
Comment 7 Jean-François Fortin Tam 2012-10-31 02:27:19 UTC
> the speaker could type in the password and connect before
> presenting in most cases, or we could just have a "hide password"
> checkbox that's unchecked by default

That approach does not really satisfy me from a usability standpoint, if we can avoid showing a manual toggle option for it. I think there might be a more clever/automagic approach to cover the edge case you just mentioned:

- if using multiple screens in "clone" mode, hide the password
- if using a single screen, or multiple screens in "extended" mode, only show the password prompt on the laptop screen, without obscuring the characters.

Problem solved :)
Comment 8 Sam Thursfield 2013-07-10 10:17:25 UTC
Hiding this functionality behind a right-click menu on the password entry box is inconsistent with the rest of Gnome Shell's design. On almost every other UI element, a right-click either triggers the same action as a left-click or is ignored (I think icons in the dock are the only other exception).
Comment 9 Jean-François Fortin Tam 2013-09-06 18:30:09 UTC
For what it's worth, I noticed from trying out a Windows 7 laptop a few days ago that MS actually tackled the same problem from a slightly different perspective: cleartext by default, with a checkbox "[  ] Hide password" below.

(I still can't imagine a case where users would actually want to hide the wifi password while typing it on their own screen though)
Comment 10 GNOME Infrastructure Team 2021-07-05 14:40:34 UTC
GNOME is going to shut down bugzilla.gnome.org in favor of  gitlab.gnome.org.
As part of that, we are mass-closing older open tickets in bugzilla.gnome.org
which have not seen updates for a longer time (resources are unfortunately
quite limited so not every ticket can get handled).

If you can still reproduce the situation described in this ticket in a recent
and supported software version, then please follow
  https://wiki.gnome.org/GettingInTouch/BugReportingGuidelines
and create a new ticket at
  https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/

Thank you for your understanding and your help.