iPad mini-Password Visibility
iPad mini-Password Visibility
When typing in passwords on my new iPad mini, each letter typed is visible for a few seconds. This means that someone nearby could (if they wanted to and most wouldn't) make out your password. Is this something new for tablets and does anyone know why password letters would be briefly visible and if it should be a concern?
Thanks.
Thanks.
Last edited by Fallible on Sun Jun 30, 2013 5:28 pm, edited 1 time in total.
"Yes, investing is simple. But it is not easy, for it requires discipline, patience, steadfastness, and that most uncommon of all gifts, common sense." ~Jack Bogle
- Mel Lindauer
- Moderator
- Posts: 35782
- Joined: Mon Feb 19, 2007 7:49 pm
- Location: Daytona Beach Shores, Florida
- Contact:
Re: iPad mini-Password Visibility
I think the reason it's visible momentarily is so you can see if you typed the correct letters. With the on-screen keyboards, there's much more chance for error, and sending the wrong password several times can get you locked of of may higher-security sites, such as financial sites.Fallible wrote:When typing in passwords on my new iPad mini, each letter typed is visible for a few seconds. This means that someone nearby could (if they wanted to and most wouldn't) make out your password. Is this something new for notepads and does anyone know why password letters would be briefly visible and if it should be a concern?
Thanks.
Best Regards - Mel |
|
Semper Fi
Re: iPad mini-Password Visibility
I think that is correct. One shouldn't be typing in passwords in an environment where someone can see what you are doing anyway so it really shouldn't be an issue.Mel Lindauer wrote:I think the reason it's visible momentarily is so you can see if you typed the correct letters.
I always wanted to be a procrastinator.
Re: iPad mini-Password Visibility
Remember that somebody looking over your shoulder can also see which letters you are pressing, so it's never safe to enter your password with people nearby.
Showing one letter at a time briefly is a conscious tradeoff between some additional protection from bystanders and the nuisance of getting your password wrong and possibly being locked out of your account.
Showing one letter at a time briefly is a conscious tradeoff between some additional protection from bystanders and the nuisance of getting your password wrong and possibly being locked out of your account.
Re: iPad mini-Password Visibility
Hi Fallible,
By the way, this letter-by-letter password visibility is not unique to iPad. It's also a feature of Android devices.
Victoria
By the way, this letter-by-letter password visibility is not unique to iPad. It's also a feature of Android devices.
Victoria
Inventor of the Bogleheads Secret Handshake |
Winner of the 2015 Boglehead Contest. |
Every joke has a bit of a joke. ... The rest is the truth. (Marat F)
Re: iPad mini-Password Visibility
Okay, thanks everybody. I can see now why the letter would appear and plan to be much more careful when I type in a password. Still, if Apple cared about me, a mere speck of humanity in their vast, digital empire, I'd tell them the letter is visible at least a second too long, just long enough for prying eyes. Anybody typing in a password would need only a split second to see the letter and know if it's the right one, IMO. (I bet Steve Jobs would've cared what I think.)
Last edited by Fallible on Mon Jul 08, 2013 7:26 pm, edited 1 time in total.
"Yes, investing is simple. But it is not easy, for it requires discipline, patience, steadfastness, and that most uncommon of all gifts, common sense." ~Jack Bogle
Re: iPad mini-Password Visibility
Fallible,
Take a look at this discussion on an Apple forum. The person posing the initial question has the same question/concern as you do. Someone responds to him that his son was able to figure out the 9-digit password after seeing three of the characters.
I think the solution is to have a long password that is not easy to guess by those who know you.
Victoria
Take a look at this discussion on an Apple forum. The person posing the initial question has the same question/concern as you do. Someone responds to him that his son was able to figure out the 9-digit password after seeing three of the characters.
I think the solution is to have a long password that is not easy to guess by those who know you.
Victoria
Inventor of the Bogleheads Secret Handshake |
Winner of the 2015 Boglehead Contest. |
Every joke has a bit of a joke. ... The rest is the truth. (Marat F)
Re: iPad mini-Password Visibility
They do make privacy filters for tablets. I've thought of getting one of these for when I fly.
http://www.amazon.com/3M-Privacy-Screen ... B008U6ZBZA
http://www.amazon.com/3M-Privacy-Screen ... B008U6ZBZA
Re: iPad mini-Password Visibility
Hi Victoria,VictoriaF wrote:Fallible,
Take a look at this discussion on an Apple forum. The person posing the initial question has the same question/concern as you do. Someone responds to him that his son was able to figure out the 9-digit password after seeing three of the characters.
I think the solution is to have a long password that is not easy to guess by those who know you.
Victoria
Thanks, the forum is interesting, the same concerns but apparently Apple plans no changes. I got the iPad mini mainly for use in public places such as libraries and coffee shops, and especially looked forward to using it on some flights this year. Since portability is a main draw of the mini, I think Apple should offer a way to turn off the letter display. (I bet Steve Jobs would've done it.) I already use long passwords, upper/lower case, etc., but I probably can change them more often.
Fallible
"Yes, investing is simple. But it is not easy, for it requires discipline, patience, steadfastness, and that most uncommon of all gifts, common sense." ~Jack Bogle
Re: iPad mini-Password Visibility
I will look into one of these as it appears they also provide general screen protection. If you do get one, I'd be interested to know how you like it.burgrat wrote:They do make privacy filters for tablets. I've thought of getting one of these for when I fly.
http://www.amazon.com/3M-Privacy-Screen ... B008U6ZBZA
"Yes, investing is simple. But it is not easy, for it requires discipline, patience, steadfastness, and that most uncommon of all gifts, common sense." ~Jack Bogle
Re: iPad mini-Password Visibility
Fallible - your hand movements on a half-screen keyboard are quite revealing of your password, possibly more than a password entry field in a small font. It's not a bad idea to get a privacy filter, but don't let that lull you into a false sense of security - the keyboard has a consistent layout so a bystander doesn't necessarily need to see the screen. You should hide your Pad for the duration, regardless.
(I've done a lot of work in computer security and one of the biggest dangers is focusing on one avenue of attack to the detriment of all others.)
(I've done a lot of work in computer security and one of the biggest dangers is focusing on one avenue of attack to the detriment of all others.)
Re: iPad mini-Password Visibility
An infamous pre-computer example of that is the Maginot Line.ogd wrote:(I've done a lot of work in computer security and one of the biggest dangers is focusing on one avenue of attack to the detriment of all others.)
Victoria
Inventor of the Bogleheads Secret Handshake |
Winner of the 2015 Boglehead Contest. |
Every joke has a bit of a joke. ... The rest is the truth. (Marat F)
- Epsilon Delta
- Posts: 8090
- Joined: Thu Apr 28, 2011 7:00 pm
Re: iPad mini-Password Visibility
You could practice entering your password with the device in your pocket / under a coat. Easier with a keyboard than a touch screen but if you really care about security ... .
An add-in that lets you enter a password in Morse would make this easier.
An add-in that lets you enter a password in Morse would make this easier.
Re: iPad mini-Password Visibility
ogd: I probably will try out the filter but don’t see it as a cure-all. Hiding the iPad is also a good idea and thanks.
Epsilon Delta: What is an “add-in” allowing a pw in Morse? How would that work?
Epsilon Delta: What is an “add-in” allowing a pw in Morse? How would that work?
"Yes, investing is simple. But it is not easy, for it requires discipline, patience, steadfastness, and that most uncommon of all gifts, common sense." ~Jack Bogle
Re: iPad mini-Password Visibility
I think they were joking.Fallible wrote:ogd: I probably will try out the filter but don’t see it as a cure-all. Hiding the iPad is also a good idea and thanks.
Epsilon Delta: What is an “add-in” allowing a pw in Morse? How would that work?
But if you want to be able to enter the password in your pocket without looking, you can choose something like Aaaaaaaaaaaaaaaaaaa. The first A will be automatically capitalized, and then you will press "a" 18 more times, for the total of 19. As a prime number, '19' will be more difficult to guess than 18 or 20(*).
(*) This is NOT a password recommendation. This is an idea how entering a password in the pocket could work. I wouldn't choose the password above for myself; all mine require looking.
Victoria
Inventor of the Bogleheads Secret Handshake |
Winner of the 2015 Boglehead Contest. |
Every joke has a bit of a joke. ... The rest is the truth. (Marat F)
Re: iPad mini-Password Visibility
Or, when the tables turned in 1944, Pas de Calais and western Ukraine.VictoriaF wrote:An infamous pre-computer example of that is the Maginot Line.ogd wrote:(I've done a lot of work in computer security and one of the biggest dangers is focusing on one avenue of attack to the detriment of all others.)
Victoria
Re: iPad mini-Password Visibility
Ironically, I know more about the former (Pas de Calais and the Operation Fortitude) than the latter (maskirovka in the Western Ukraine).ogd wrote:Or, when the tables turned in 1944, Pas de Calais and western Ukraine.VictoriaF wrote:An infamous pre-computer example of that is the Maginot Line.ogd wrote:(I've done a lot of work in computer security and one of the biggest dangers is focusing on one avenue of attack to the detriment of all others.)
Victoria
Victoria
Inventor of the Bogleheads Secret Handshake |
Winner of the 2015 Boglehead Contest. |
Every joke has a bit of a joke. ... The rest is the truth. (Marat F)
Re: iPad mini-Password Visibility
Is this just for a single password? Or is it for multiple sites during a single session? If the latter, then consider using 1Password app (well, I recommend it regardless). Although 1Password also reveals the password characters briefly when you open it, once it is open all passwords are pasted in and not visible at all. They also have an integral browser for iOS that automatically puts in your user name and password when you go to a site. Pasting in the passwords also prevents keyloggers from grabbing your keystrokes. I don't know how many microseconds the 1Password character reveal is as compared to what you are seeing in Safari but you would definitely want to protect it from prying eyes.
I recommend 1Password to everybody: Mac/PC/iOS/Android. The app will remember a different user name and password for every single site you use, so if (when) a site gets compromised, some crook won't have a working user name/password combination to try on other sites around the internet. Because of 1Password I don't have to remember anything except my master password and my passwords generally look like this: 88MG$7+D/z8F49H(VK6)VJ.
No affiliation with 1Password; I'm just a happy customer.
I recommend 1Password to everybody: Mac/PC/iOS/Android. The app will remember a different user name and password for every single site you use, so if (when) a site gets compromised, some crook won't have a working user name/password combination to try on other sites around the internet. Because of 1Password I don't have to remember anything except my master password and my passwords generally look like this: 88MG$7+D/z8F49H(VK6)VJ.
No affiliation with 1Password; I'm just a happy customer.
Re: iPad mini-Password Visibility
They were joking about hiding the iPad and the add-in?VictoriaF wrote:I think they were joking.Fallible wrote:ogd: I probably will try out the filter but don’t see it as a cure-all. Hiding the iPad is also a good idea and thanks.
Epsilon Delta: What is an “add-in” allowing a pw in Morse? How would that work?
But if you want to be able to enter the password in your pocket without looking, you can choose something like Aaaaaaaaaaaaaaaaaaa. The first A will be automatically capitalized, and then you will press "a" 18 more times, for the total of 19. As a prime number, '19' will be more difficult to guess than 18 or 20(*).
(*) This is NOT a password recommendation. This is an idea how entering a password in the pocket could work. I wouldn't choose the password above for myself; all mine require looking.
Victoria
"Yes, investing is simple. But it is not easy, for it requires discipline, patience, steadfastness, and that most uncommon of all gifts, common sense." ~Jack Bogle
Re: iPad mini-Password Visibility
I was not joking about hiding the iPad, but the Morse code password strikes me as - --- -. --. ..- . / .. -. / -.-. .... . . -.-
Re: iPad mini-Password Visibility
They both led to two massive blows from which the Germans never recovered. The eastern one, although a huge success, is not widely known in the West, partly because of the Cold War and partly because of its shameful aftermath.VictoriaF wrote:Ironically, I know more about the former (Pas de Calais and the Operation Fortitude) than the latter (maskirovka in the Western Ukraine).
Victoria
To bring this back on topic, I hope none of your security lapses are that consequential
Re: iPad mini-Password Visibility
That's probably why they did not teach it in the Soviet schools.ogd wrote:They both led to two massive blows from which the Germans never recovered. The eastern one, although a huge success, is not widely known in the West, partly because of the Cold War and partly because of its shameful aftermath.VictoriaF wrote:Ironically, I know more about the former (Pas de Calais and the Operation Fortitude) than the latter (maskirovka in the Western Ukraine).
Victoria
Victoria {guarding my secrets}ogd wrote:To bring this back on topic, I hope none of your security lapses are that consequential
Inventor of the Bogleheads Secret Handshake |
Winner of the 2015 Boglehead Contest. |
Every joke has a bit of a joke. ... The rest is the truth. (Marat F)
Re: iPad mini-Password Visibility
- .... .- -. -.- ... .-.-.-ogd wrote:I was not joking about hiding the iPad, but the Morse code password strikes me as - --- -. --. ..- . / .. -. / -.-. .... . . -.-
"Yes, investing is simple. But it is not easy, for it requires discipline, patience, steadfastness, and that most uncommon of all gifts, common sense." ~Jack Bogle
- Epsilon Delta
- Posts: 8090
- Joined: Thu Apr 28, 2011 7:00 pm
Re: iPad mini-Password Visibility
That was somewhat tongue in cheek, but it can be done, and it would help with privacy.Fallible wrote:ogd: I probably will try out the filter but don’t see it as a cure-all. Hiding the iPad is also a good idea and thanks.
Epsilon Delta: What is an “add-in” allowing a pw in Morse? How would that work?
Android allows you to install alternate input methods. Many of these are just rearranged keyboards, (e.g. Dvorak or foreign language arrangements) but some do other things, such as special spell checks or word prediction. Some keyboards only have a few keys and use some sort of gesture to select among multiple letters assigned to each key. Handwriting recognition (a.k.a. graffiti (tm) ) is the ultimate in gesture recognition. There are even input methods that use the accelerometer instead of the touch screen (you tilt and shake to enter letters). Finally there are Morse code entry methods, although most use two keys (dot and dash) rather than the single key of traditional Morse.
Because Morse uses the timing of a sequence of taps, instead of the location of taps, it can be entered blind. Indeed it does not help to look at the key. Entering blind is useful if you are hiding password entry under a coat. Handwriting recognition is another method that has possibilities for blind entry.
http://kschang.hubpages.com/hub/Android ... ld-you-use
- Phineas J. Whoopee
- Posts: 9675
- Joined: Sun Dec 18, 2011 5:18 pm
Re: iPad mini-Password Visibility
Where your enemy is strong, avoid him!VictoriaF wrote:An infamous pre-computer example of that is the Maginot Line.ogd wrote:(I've done a lot of work in computer security and one of the biggest dangers is focusing on one avenue of attack to the detriment of all others.)
Victoria
Where your enemy is weak, attack him!
-- Master Sun, The Art of War
Re: iPad mini-Password Visibility
EpsilonDelta: very funky. I would have never thought of a Morse keyboard.
The Morse encoding might help with remembering a password, but it's not particularly efficient. If you are willing to memorize a long series of zeroes and ones, a 25-30 character password using only two thumb-friendly keys like Q and P is sufficient security even if your adversary is told or sees what your password looks like, and it can be entered blind. But it must be truly random and not a drumming pattern or something.
The Morse encoding might help with remembering a password, but it's not particularly efficient. If you are willing to memorize a long series of zeroes and ones, a 25-30 character password using only two thumb-friendly keys like Q and P is sufficient security even if your adversary is told or sees what your password looks like, and it can be entered blind. But it must be truly random and not a drumming pattern or something.
Re: iPad mini-Password Visibility
Fallible,
Why not simply put a piece of paper or cloth over the exposed field while your typing? -- Tet
Why not simply put a piece of paper or cloth over the exposed field while your typing? -- Tet
Re: iPad mini-Password Visibility
Master Sun is now Master Oracle {geeky smile},Phineas J. Whoopee wrote:Where your enemy is strong, avoid him!VictoriaF wrote:An infamous pre-computer example of that is the Maginot Line.ogd wrote:(I've done a lot of work in computer security and one of the biggest dangers is focusing on one avenue of attack to the detriment of all others.)
Victoria
Where your enemy is weak, attack him!
-- Master Sun, The Art of War
Victoria
Inventor of the Bogleheads Secret Handshake |
Winner of the 2015 Boglehead Contest. |
Every joke has a bit of a joke. ... The rest is the truth. (Marat F)
Re: iPad mini-Password Visibility
Looked at from the French side, you could say the Maginot Line, as far as it went, did avoid the enemy.Phineas J. Whoopee wrote:Where your enemy is strong, avoid him!VictoriaF wrote:An infamous pre-computer example of that is the Maginot Line.ogd wrote:(I've done a lot of work in computer security and one of the biggest dangers is focusing on one avenue of attack to the detriment of all others.)
Victoria
Where your enemy is weak, attack him!
"Yes, investing is simple. But it is not easy, for it requires discipline, patience, steadfastness, and that most uncommon of all gifts, common sense." ~Jack Bogle
Re: iPad mini-Password Visibility
I love simple solutions and some type of cover does seem worth trying.tetractys wrote:Fallible,
Why not simply put a piece of paper or cloth over the exposed field while your typing? -- Tet
"Yes, investing is simple. But it is not easy, for it requires discipline, patience, steadfastness, and that most uncommon of all gifts, common sense." ~Jack Bogle
Re: iPad mini-Password Visibility
Why do you say that? This password entry behavior has been consistent since the very first introduction of the iPhone in 2007, when Steve Jobs was very much alive and in charge.Fallible wrote:Since portability is a main draw of the mini, I think Apple should offer a way to turn off the letter display. (I bet Steve Jobs would've done it.)
Re: iPad mini-Password Visibility
If you are entering a password in a public place, presumably you are connecting to a public wi-fi network? I'd be far more concerned about that then someone stealing my password by reading it as I type it in. It's good to avoid using the same password for everything. I've had forgotten passwords for some websites e-mailed back to me "in the clear". Which is disconcerting.
Also, you might want to set a screen lock in case you go off and leave your iPad in this public place. It is also a good idea to have your cell phone number visible on the your "wallpaper" screen. That way if someone finds it, they will be able to find you.
If Steve Jobs was still around, he'd tell you to get over it - I'm sure this interface works just the way he wanted it to.
Also, you might want to set a screen lock in case you go off and leave your iPad in this public place. It is also a good idea to have your cell phone number visible on the your "wallpaper" screen. That way if someone finds it, they will be able to find you.
If Steve Jobs was still around, he'd tell you to get over it - I'm sure this interface works just the way he wanted it to.
"Worrying is like paying interest on a debt that you might never owe" -- Will Rogers
Re: iPad mini-Password Visibility
My Steve Jobs comments were pretty much tongue in cheek as I doubt he'd be listening to little me, no matter how greatly I've admired his genius.nothlit wrote:Why do you say that? This password entry behavior has been consistent since the very first introduction of the iPhone in 2007, when Steve Jobs was very much alive and in charge.Fallible wrote:Since portability is a main draw of the mini, I think Apple should offer a way to turn off the letter display. (I bet Steve Jobs would've done it.)
"Yes, investing is simple. But it is not easy, for it requires discipline, patience, steadfastness, and that most uncommon of all gifts, common sense." ~Jack Bogle
Re: iPad mini-Password Visibility
Thanks for the tips in public places. As for Jobs, in effect he has told me and others who would like to opt out of the letter display to get over it since it remains unchanged. As for it working the way he wanted, was anything ever good enough for Steve Jobs? Thank heavens, no.dpc wrote:If you are entering a password in a public place, presumably you are connecting to a public wi-fi network? I'd be far more concerned about that then someone stealing my password by reading it as I type it in. It's good to avoid using the same password for everything. I've had forgotten passwords for some websites e-mailed back to me "in the clear". Which is disconcerting.
Also, you might want to set a screen lock in case you go off and leave your iPad in this public place. It is also a good idea to have your cell phone number visible on the your "wallpaper" screen. That way if someone finds it, they will be able to find you.
If Steve Jobs was still around, he'd tell you to get over it - I'm sure this interface works just the way he wanted it to.
"Yes, investing is simple. But it is not easy, for it requires discipline, patience, steadfastness, and that most uncommon of all gifts, common sense." ~Jack Bogle