On 05/03/2013 10:59 PM, Matthew Garrett wrote:
On Fri, May 03, 2013 at 10:36:51PM -0400, Rahul Sundaram wrote:
I was referring to the decision to
show the password in full when the user is typing it.
Many UI decisions are unprecedented. That doesn't justify reopening bugs
that the maintainer has closed. If you want to have a discussion about
whether or not this is a reasonable UI decision, do so somewhere other
than Bugzilla.
In all seriousness, this is a substantial UI decision that requires a
commensurate change in user behavior---it shouldn't be dismissed so
easily as marking it NOTABUG.
Another example of such important change that recently appeared without
recourse and much discussion is the lock screen: previously, the
password unlock widget had focus so one could start typing the password,
while the new behavior is that the focus is in the clock, and one needs
to hit Esc or Enter. I understand the security tradeoffs: the former
behavior is conditioning people to carelessly type passwords in the
blind, so they are more vulnerable to fake authentication dialogs, while
the new one almost uses the SAK (secure attention key) paradigm. Still,
the user behavior change is significant and I keep making mistakes even
though I understand and agree with the new scheme.
By the way, does Gnome have a SAK? I don't think Esc is a true SAK, but
maybe I am wrong about it?
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
