А вот человек предлагает открыться и прекратить маскировать пароли буллитами и звездочками.
It's time to show most passwords in clear text as users type them. Providing feedback and visualizing the system's status have always been among the most basic usability principles. Showing undifferentiated bullets while users enter complex codes definitely fails to comply.
Most websites (and many other applications) mask passwords as users type them, and thereby theoretically prevent miscreants from looking over users' shoulders. Of course, a truly skilled criminal can simply look at the keyboard and note which keys are being pressed. So, password masking doesn't even protect fully against snoopers.
More importantly, there's usually nobody looking over your shoulder when you log in to a website. It's just you, sitting all alone in your office, suffering reduced usability to protect against a non-issue.
Stop Password Masking
В статье предлагается отринуть древние предрассудки и показывать пароли в формах открытым текстом. А для людей, опасающихся покражи пароля, а также для применения в общественных местах - сделать галочку "скрывать пароль".
Ничего святого, блин.