Do you think this is a security risk and if not is it a bad UI decision?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

In the latest Fedora 19 Beta TC2 install after I got through the
initial steps of the install I started to setup my root password.

To my surprise my password was shown in plain text instead of bullets.

I believe that this is a major security risk and that this is a new UI
change going forward and this is not a bug.

Do you think this is a good idea?

What if you are installing and someone is looking over your shoulder
and you don't know about this new "UI improvement"?

Someone would see a password that you may or may not often use whether
it's secure or not.

Even if someone watched you type the password or recorded it with a
camera, that would be harder to decrypt than just showing it in plain
text while you type it in to anaconda.

In addition, it was stated that this is becoming a "popular" UI
enhancement but there was no documentation provided as to where this
is popular. In my experience you would click on an icon next to the
dialog box if you wanted to see the password. This is what is becoming
popular. Not showing it as plain text while you type.

Thoughts?

Dan
-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel





[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux