From: Rich Schwerdtfeger [mailto:richschwer@gmail.com]
Sent: 28 March 2016 23:25
“So, the net of this if we don’t include the role we continue to leave users exposed with a security hole where everyone can hear the password they are typing unless they happen to have a headset on. Is that what you both want?”
Introducing a different security hole to fix another doesn’t seem like a good solution.
If I hear my password in clear speech, I know I have a problem and can take steps to remedy it. If I hear “* * *” whilst my password is visible on-screen, I have a much more serious problem because I am unaware there *is a problem.
Léonie.
--
@LeonieWatson tink.uk Carpe diem.