rc3.org - iPhone 2.0 password masking

iPhone 2.0 password masking

In Commentary on 13 July 2008 tagged iPhone, mobile technology, user experience with 5 comments

Apple made a clever user interface change with iPhone 2.0:

iPhone password masking

When you enter text into a password field, it briefly displays the character you just entered. After a few seconds, it changes the character into the mask, but it gives you some visible feedback that you’re entering the characters you think you’re entering. (I always had problems entering passwords correctly until this feature was added.)

It’s an acknowledgement that entering text using a virtual keyboard isn’t foolproof, and it provides a good compromise between masking passwords so people can’t see your password over your shoulder and enabling users to avoid typos when entering them.

By the way, this screen shot was taken using the new screen capture feature in iPhone 2.0.

Update: Commenters have noted that other phone makers have been doing it this way for years. I guess what this really means is that the iPhone is the first phone that I’ve ever used to enter a password.

5 Comments

This has been the standard password input field behavior on Nokia phone web browsers for years — but interestingly enough, not on the 770 tablet.

Posted by Anonymous on 13 July 2008 @ 5pm

On my N800 (with the OS2008 version of the OS), I get the last-char-for-a-second thing with password prompters for applications, but don’t get it with password fields in the web browser.

Posted by Patrick Mueller on 13 July 2008 @ 7pm

Has been the same on Sony Ericsson phones for years too…

Posted by Adam on 14 July 2008 @ 2am

Unngh, I absolutely HATE this feature, and I am desperately looking for a way to shut it off. It’s a huge security issue, IMO.

I don’t really care if it is helpful for others, I just want to shut it off.

Posted by Nicholas Paldino on 17 July 2008 @ 10am

How is this a security issue? If the user can see the last character on your iPhone screen, then they could see you type the character just as easily. It really doesn’t matter if the password is masked. If security is that important to you, I’d really suggest you not type passwords into a website form field.

I think it’s the illusion of security you are after and not security at all.

Posted by Court Kizer on 9 July 2009 @ 2pm

Leave a Comment

← Another look at the long tail NPR on Mr. Jalopy →

About

This is the weblog of Rafe Colburn. I'm a software developer and computer book author, but this blog is really about whatever catches my interest on a day to day basis. I've been blogging since December, 1998.

Recently

Visit the full archive

Et Cetera

You can follow @rc3dotorg on Twitter here. My personal Twitter account is @rafeco. If you know what an RSS feed is, you can subscribe to the rc3.org feed here.

← Back to Home

© rc3.org. Powered by WordPress using the DePo Skinny Theme.