I understand if you don't want to fix this bug for the reasons you stated (you would get complaints), but I have a problem with this line:
"I would get complaints citing security (i.e. you can look over somebody's shoulder and see the number of characters in their password)." Anyone standing next to you who wants to know the number of characters in your password can just listen for the number of clicks on your keyboard, no matter how fast you type. And if you have a really long password (13 characters, for example), can someone really tell the difference at a glance between 13 asterisks side-by-side and 11 asterisks side-by-side? How easy would it be to crack a password knowing that it has 13 characters in it? By the way, you can also, in addition to listening to the number of clicks on the keyboard, actually look at the keyboard itself to see what keys are being hit or which side of the keyboard is being typed on during different parts of the password. That won't give you the whole password, obviously, if the person entering it types quickly, but knowing one or two characters in addition to how many key clacks is far more useful to compromising security than just seeing a bunch of asterisks. Again, I understand why you won't fix it (people will get all upset, because this is the way it's always been), but can we please stop pretending it's about security. It'd also be great if this was changed from "invalid" to "won't fix." It's not an invalid bug. It's a usability bug that exists. -- Lack of visual feedback on password entry https://bugs.launchpad.net/bugs/52914 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
