Password fields on WordPress.com not hidden by default
-
This is a huge security oversight that when entering input into a password field, the contents are not hidden by default. It goes against basic web design principles to display data entered in a password form.
Data should be hidden by default with the possibility for the user to display it, not the other way around.
Here is a screenshot of the problem:
-
Hi there,
Thanks for your note.
For your security, you can click the little “eye” icon in the text box to hide the password from view.
As seen here:
https://cloudup.com/cEltxvyqZbtYou have the option to view/hide your password as you wish.
Please let us know if you have any other questions. Thanks much!
-
I have noticed the eye, my issue is with the password being shown by default. It should be the other way around: hidden by default, and clicking on the eye shows the password.
The average user is accustomed to having his password hidden in a password field, so why does WordPress.com display it as clear text by default?
-
Thanks again for the feedback! I passed this along to our development team. I can’t promise that we’ll make the switch, but I will pass along any additional info/rationale as I receive it!
-
Hi @qonic,
I just wanted to follow-up here. We will not be changing the default behavior of the password field (shown by default). However, we really appreciate you raising this question! As a result, we’ve made a few additional changes to how the form operates (disable autocomplete, for example).
- The topic ‘Password fields on WordPress.com not hidden by default’ is closed to new replies.
WordPress.com Forums 