The Gripe
I am a strong believer in privacy, security, and technological ethics.
It’s amazing how many web sites and applications believe that it’s more secure to replace characters with asterisks ‘*’ while you enter a password. Stop it! It makes no sense and doesn’t make the user password somehow safer.
I think this is an ancient practice from the early days of the Web, and somehow it has continued to the present day. Not seeing your password isn’t cool, especially if you have a non-human readable password.
Could you type the password below into a field that doesn’t show characters as you type them? Now, try doing this from a TV or console controller!
yiWE2DxMma!AqRPZF4NAo9cf
The Solution
Since this practice started on the Web, I’m going to provide one of several ways to include a show password button on your site. No more excuses ;-)
JavaScript
function myFunction() {
var x = document.getElementById("myInput");
if (x.type === "password") {
x.type = "text";
} else {
x.type = "password";
}
}
HTML
<!-- Password field -->
Password: <input type="password" value="FakePSW" id="myInput">
<!-- An element to toggle between password visibility -->
<input type="checkbox" onclick="myFunction()">Show Password