Skip to content
 
If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(Gawker)   Why do websites insist on only showing little dots when you type in your ••••••••?   (gawker.com) divider line
    More: Interesting, Password, User, Access code, Password manager, Lower case, Letter case, Apple TV, Hulu password  
•       •       •

941 clicks; posted to STEM » on 10 Aug 2021 at 8:03 AM (16 weeks ago)   |   Favorite    |   share:  Share on Twitter share via Email Share on Facebook



34 Comments     (+0 »)
View Voting Results: Smartest and Funniest
 
2021-08-10 5:57:57 AM  
"Presumably our passwords show up as dots to keep the information away from prying eyes"

Obviously
 
2021-08-10 8:04:07 AM  
But I am not an expert on hacking. I am, however, an expert on password dots being annoying.

This is the only sentence you need to read to know everything about the article.
 
2021-08-10 8:07:10 AM  
Password manager solves the problem
 
2021-08-10 8:18:13 AM  
Hunter2
 
2021-08-10 8:20:32 AM  
Anybody too dumb to know why password entry fields display just dots should NEVER EVER WRITE AN ARTICLE ON COMPUTERS AGAIN.

Then they should go live in a cave and try to understand the wheel and fire.

/Your blog sucks
 
2021-08-10 8:21:24 AM  
To keep Big Brother from spying on you.
 
2021-08-10 8:32:56 AM  

NotCodger: "Presumably our passwords show up as dots to keep the information away from prying eyes"

Obviously


Yes. I very rarely have anyone standing over my shoulder watching me log in to anything. On a pc, I never give the password process much thought at all. Trying to enter a password on a cell phone SUCKS.

I do like the sites that give you the option to make it readable.
 
2021-08-10 8:37:56 AM  
I have a benign tremor which means on a tiny cellphone keyboard I often hit the wrong key. If the password field is blanked out and the site is saying it's wrong, did my shaking hand mistype it slightly or am I totally using the wrong one?  Show me what I entered!  I can't be the only one with this issue.
/Some sites/apps don't save passwords for whatever security reason so I do have to actually remember and type them like a neanderthal.
 
2021-08-10 9:04:23 AM  
Even displaying dots is a security issue because it lets black hats know how many characters the pw is. Hence why login on Unix doesn't do that.

/Cootys rat semen.
 
2021-08-10 9:04:27 AM  

transporter_ii: Yes. I very rarely have anyone standing over my shoulder watching me log in to anything.


Of course, if you are doing a presentation at work and your laptop is currently being projected on a screen in a room full of people, or you're in a Zoom meeting, and you need to log in to something, it's nice not having all your co-workers see your password.
 
2021-08-10 9:05:08 AM  

transporter_ii: NotCodger: "Presumably our passwords show up as dots to keep the information away from prying eyes"

Obviously

Yes. I very rarely have anyone standing over my shoulder watching me log in to anything. On a pc, I never give the password process much thought at all. Trying to enter a password on a cell phone SUCKS.

I do like the sites that give you the option to make it readable.


au contraire
I do tech support and reset passwords for clients all damn day.
When I have to log on to their machine to help them find the Any key, I don't want to see their password.
That keeps me from LOLing at their choices more than allowing me to hack into their accounts and steal a few buck.
those dots are to shield that from me. and anyone else watching.
And you never know who is watching.
*Slides Card over laptop camera*
 
2021-08-10 9:09:00 AM  

GregoryD: Password manager solves the problem


No, it doesn't. I use a password manager. Yet this past weekend I got locked out of my NAS for too many failed login attempts.

I was trying to connect with SSH, and the 2 clients I tried (command line and putty) don't allow pasting passwords and don't have an option to show the password. So I'm stuck typing the long awkward password blindly.

Not allowing paste for the password is even worse than not having as option to display the password.
 
2021-08-10 9:18:07 AM  
Ha! My password is just 8 dots.
 
2021-08-10 9:25:31 AM  
I had to enter my SSN on a popular stock trading app, and it was hidden as I typed it. There was no confirm your SSN field, but there was a notice in bold, all caps, that informed me that my number must be correct under PENALTY OF LAW. So stupid.
 
2021-08-10 9:31:49 AM  

transporter_ii: NotCodger: "Presumably our passwords show up as dots to keep the information away from prying eyes"

Obviously

Yes. I very rarely have anyone standing over my shoulder watching me log in to anything. On a pc, I never give the password process much thought at all. Trying to enter a password on a cell phone SUCKS.

I do like the sites that give you the option to make it readable.


They (should) only make it readable while you are typing it.  Auto-filled passwords should never be readable.  If someone jumped on your PC and hit paypal while you went to yell at the barista, they could see your password and use it at their convenience (rather than risking trying to send themselves money right there).
I'm all for well-hidden passwords and extra security on the part of the computer to keep them safe.


/ I remember Lotus Notes used to put 1, 2, or 3 X's for every letter of the password you typed so an overlooker couldn't count the number of characters.
 
2021-08-10 9:32:30 AM  

mcmnky: GregoryD: Password manager solves the problem

No, it doesn't. I use a password manager. Yet this past weekend I got locked out of my NAS for too many failed login attempts.

I was trying to connect with SSH, and the 2 clients I tried (command line and putty) don't allow pasting passwords and don't have an option to show the password. So I'm stuck typing the long awkward password blindly.

Not allowing paste for the password is even worse than not having as option to display the password.


For consoles like that, just use easier to type passwords than the rest.

/ or Windows
 
2021-08-10 9:39:57 AM  
A lot of sites have an eyeball icon in the password field that allows you to see what you entered it.  Don't know if it works on stored passwords...but then, I never store mine.

/purple monkey dishwasher is a bad password.
 
2021-08-10 9:48:38 AM  
Passwords are the worst form of security. I've recently patented a foolproof biometric authenticator. Just stick your finger in and you'll feel a jab like a blood sugar tester. As long as it gets a steady stream of your blood, you stay logged in.

It doesn't take much, so I don't get lightheaded or anything, but my laptop growls a bit if I take too long for lunch.
 
2021-08-10 9:49:39 AM  

iron de havilland: Even displaying dots is a security issue because it lets black hats know how many characters the pw is. Hence why login on Unix doesn't do that.

/Cootys rat semen.


Some of my devices (NAS, Routers, etc.) display varying numbers of dots for each keystroke.  It's enough to let you know that it registered that you've hit a key.
 
2021-08-10 11:13:23 AM  
Open Dev Tools (f12) select the password input, and change <input type""password"> to <input type""text">

You'll be able to see the password then
 
2021-08-10 11:34:33 AM  
I will say that the trend to be able to reveal the password field in the newer environments and such has been helpful.

I was having problems logging into remote console sessions a while back and couldn't figure out why, even though I was carefully typing my password in slowly and deliberately. I finally clicked the reveal password and could see that several of my button presses had been duplicated. Something with VMWare console was causing it to stutter on keyboard input and display twice.
 
2021-08-10 11:47:41 AM  

logieal: Something with VMWare console was causing it to stutter on keyboard input and display twice.


The VMWare Console is one of the most buggy, poorly-implemented versions of a decades-old technology I have ever seen. In addition to the dup problem you pointed out, I've had it do things like insert random line noise into the input stream, simply because I had the audacity to click to a different window and then back again. Or when it decides it will do the opposite of the dup issue, and only accept 1 out of every 3 keypresses.

So yes, trying to input passwords that way, especially for, say, Linux VMs, is a good way to go mad.
 
2021-08-10 11:50:13 AM  
If you look below the box, there's usually a button that says "display password." It takes like...2 seconds.
 
2021-08-10 12:03:59 PM  
Bash.org did it...

<Cthon98> hey, if you type in your pw, it will show as stars
<Cthon98> ********* see!
<AzureDiamond> hunter2
<AzureDiamond> doesnt look like stars to me
<Cthon98> <AzureDiamond> *******
<Cthon98> thats what I see
<AzureDiamond> oh, really?
<Cthon98> Absolutely
<AzureDiamond> you can go hunter2 my hunter2-ing hunter2
<AzureDiamond> haha, does that look funny to you?
<Cthon98> lol, yes. See, when YOU type hunter2, it shows to us as *******
<AzureDiamond> thats neat, I didnt know IRC did that
<Cthon98> yep, no matter how many times you type hunter2, it will show to us as *******
<AzureDiamond> awesome!
<AzureDiamond> wait, how do you know my pw?
<Cthon98> er, I just copy pasted YOUR ******'s and it appears to YOU as hunter2 cause its your pw
<AzureDiamond> oh, ok.
 
2021-08-10 12:30:13 PM  

mcmnky: GregoryD: Password manager solves the problem

No, it doesn't. I use a password manager. Yet this past weekend I got locked out of my NAS for too many failed login attempts.

I was trying to connect with SSH, and the 2 clients I tried (command line and putty) don't allow pasting passwords and don't have an option to show the password. So I'm stuck typing the long awkward password blindly.

Not allowing paste for the password is even worse than not having as option to display the password.


wth are you doing?  i copy passwords into command line and putty all the time.
its single left click to activate the window then ctrl-V for command line.
single left click to activate then right click for putty.
works fine even on suppressed fields.  you dont see the copied data appear, just like you wouldnt see it be typed, but its there.  just paste and hit enter.
 
2021-08-10 12:32:35 PM  

EasilyDistracted: iron de havilland: Even displaying dots is a security issue because it lets black hats know how many characters the pw is. Hence why login on Unix doesn't do that.

/Cootys rat semen.

Some of my devices (NAS, Routers, etc.) display varying numbers of dots for each keystroke.  It's enough to let you know that it registered that you've hit a key.


ive seen a lot of systems that display dots for characters while you're typing a new PW
but once its successfully set if you go back and look at the account info its always 30 dots or 50 dots or whatever regardless of how long the real PW is
 
2021-08-10 3:23:13 PM  
I understand the dots when I'm entering a password in public at an ATM or a gas pump, but what the everliving f*ck do I need protection from when I'm typing on my cell phone?
 
2021-08-10 4:14:03 PM  

mcmnky: GregoryD: Password manager solves the problem

No, it doesn't. I use a password manager. Yet this past weekend I got locked out of my NAS for too many failed login attempts.

I was trying to connect with SSH, and the 2 clients I tried (command line and putty) don't allow pasting passwords and don't have an option to show the password. So I'm stuck typing the long awkward password blindly.

Not allowing paste for the password is even worse than not having as option to display the password.


CMD allows pasting passwords via right click. It just doesn't show characters on Linux. So you just have to assume it worked.

Although I've switched everything over to private key login and switched off password. Both easier and safer.
 
2021-08-10 5:22:47 PM  
Also, SmarTTY is way better than Putty. And actually sets up key-pairs automatically for you instead of password when you first login. Then you can just double click your named servers to connect.

That feature is a little annoying when you have your own keys to use, but it's great for someone who has only used password before.

And supports OpenSSH so you don't need to fark around with conversion for use in Putty, or setting up config files on Windows.
 
2021-08-10 5:31:04 PM  

SpectroBoy: Anybody too dumb to know why password entry fields display just dots should NEVER EVER WRITE AN ARTICLE ON COMPUTERS AGAIN.

Then they should go live in a cave and try to understand the wheel and fire.

/Your blog sucks


The best solution is a middle ground--masked but with a show password option.  It's especially useful with gobbletygook passwords on a phone or tablet.  Dots if there's any chance of shoulder surfing, but you can show it if you're confident there's no observer.  (For example, I'm in a room with the blinds closed and the doorway can't see my screens.)
 
2021-08-10 7:10:51 PM  

iron de havilland: Even displaying dots is a security issue because it lets black hats know how many characters the pw is. Hence why login on Unix doesn't do that.

/Cootys rat semen.


Fark user imageView Full Size
 
2021-08-10 7:34:14 PM  

mcmnky: GregoryD: Password manager solves the problem

No, it doesn't. I use a password manager. Yet this past weekend I got locked out of my NAS for too many failed login attempts.

I was trying to connect with SSH, and the 2 clients I tried (command line and putty) don't allow pasting passwords and don't have an option to show the password. So I'm stuck typing the long awkward password blindly.

Not allowing paste for the password is even worse than not having as option to display the password.


You might want to consider moving to SSH keys... waaay more secure and faster than typing something in
 
2021-08-10 11:52:51 PM  

Surrender your boo-tah: *******


That's amazing!  I have the same password on my bank account!
 
2021-08-11 9:20:42 AM  

oopsboom: mcmnky: GregoryD: Password manager solves the problem

No, it doesn't. I use a password manager. Yet this past weekend I got locked out of my NAS for too many failed login attempts.

I was trying to connect with SSH, and the 2 clients I tried (command line and putty) don't allow pasting passwords and don't have an option to show the password. So I'm stuck typing the long awkward password blindly.

Not allowing paste for the password is even worse than not having as option to display the password.

wth are you doing?  i copy passwords into command line and putty all the time.
its single left click to activate the window then ctrl-V for command line.
single left click to activate then right click for putty.
works fine even on suppressed fields.  you dont see the copied data appear, just like you wouldnt see it be typed, but its there.  just paste and hit enter.


Thanks. I'll try it again. It would be nice if there was some confirmation that the paste was successful.
 
Displayed 34 of 34 comments

View Voting Results: Smartest and Funniest

This thread is closed to new comments.

Continue Farking




On Twitter


  1. Links are submitted by members of the Fark community.

  2. When community members submit a link, they also write a custom headline for the story.

  3. Other Farkers comment on the links. This is the number of comments. Click here to read them.

  4. Click here to submit a link.