[cap-talk] Update on petname related anti-phishing work at the W3C

Tyler Close tyler.close at gmail.com
Thu Jun 28 15:45:39 EDT 2007


Ok, then.

How about this:

http://www.w3.org/2006/WSC/drafts/rec/#piieditor-conformance-masking

"""
5.7.2 On screen masking of a PII string

Some PII strings, such as some passwords, are of such high value that
displaying them within the user agent, where they may be seen by a
passerby, is too great a risk. This sub-section specifies a mechanism
for marking a PII string as one which should not be displayed by the
user agent.

The PII editor history menu MUST provide a means for the user to mark
a PII string as one which should not be displayed on screen. Invoking
this command prompts the user for a "display name". Wherever a PII
string would be displayed by the PII bar, the provided display name
MUST be shown in its place, as well as an indication that the
displayed text is a display name, rather than an actual PII string.
The auto-completion feature of the PII editor text field MUST match
keystrokes against the display name, instead of the named PII string.
Whatever way a display name is selected, the named PII string MUST be
form filled, not the display name text.
"""

A password may still show up on screen when it is first created.
Having a special editing mode for creating a password seems
potentially confusing and awkward. Do people feel this step must also
be more strongly protected from shoulder surfing?

Tyler

On 6/28/07, David Hopwood <david.hopwood at industrial-designers.co.uk> wrote:
> Jonathan S. Shapiro wrote:
> > On Wed, 2007-06-27 at 16:52 -0700, Tyler Close wrote:
> >> Also, seeing your password in the PII bar is part of what tells you
> >> you're looking at the real PII bar and not a spoof. Does your password
> >> really need more protection from shoulder surfing than your credit
> >> card number gets, or other PII strings get?
> >
> > Exposing passwords is a PROFOUNDLY BAD idea, and to answer your
> > question, yes, my password absolutely requires more protection from
> > shoulder surfing than my credit card number receives.
>
> I agree. With regard to the point about future non-HTML formats
> hypothetically not providing enough information to automatically
> determine what is a password field, that would be a design flaw
> in any such format (particularly inexcusable since it would be a
> regression relative to HTML).
>
> --
> David Hopwood <david.hopwood at industrial-designers.co.uk>
>
> _______________________________________________
> cap-talk mailing list
> cap-talk at mail.eros-os.org
> http://www.eros-os.org/mailman/listinfo/cap-talk
>


-- 
The web-calculus is the union of REST and capability-based security:
http://www.waterken.com/dev/Web/

Name your trusted sites to distinguish them from phishing sites.
https://addons.mozilla.org/firefox/957/
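The masking rules quoted above from the W3C draft (display name shown in place of the PII string with an indication that it is a display name, auto-completion against the display name rather than the secret, form fill always using the actual PII string) can be modelled as a small history store. The following is an added illustration written for this page, not code from the W3C draft, the PII editor, or the cap-talk post; the class name, method names, entry shape and the sample values are all assumptions.

```javascript
// Added example: a minimal model of a PII editor history with on-screen
// masking as described in draft section 5.7.2. Names and shapes are
// assumptions for illustration, not the draft's or any user agent's API.

class PiiHistory {
  constructor() {
    this.entries = []; // each entry: { value, displayName | null }
  }

  // Remember a PII string the user typed into the PII editor.
  remember(value) {
    if (typeof value !== 'string' || value.length === 0) {
      throw new Error('PII string must be a non-empty string');
    }
    const existing = this.entries.find(e => e.value === value);
    if (existing) return existing;
    const entry = { value, displayName: null };
    this.entries.push(entry);
    return entry;
  }

  // The history-menu command from 5.7.2: mark a PII string as one that must
  // not be displayed, under a user-chosen display name.
  mask(value, displayName) {
    const entry = this.entries.find(e => e.value === value);
    if (!entry) throw new Error('unknown PII string');
    if (typeof displayName !== 'string' || displayName.trim().length === 0) {
      throw new Error('display name must be non-empty');
    }
    if (displayName === value) {
      throw new Error('display name must not reveal the PII string');
    }
    entry.displayName = displayName;
    return entry;
  }

  // Label shown for an entry: the display name when masked, else the value.
  label(entry) {
    return entry.displayName !== null ? entry.displayName : entry.value;
  }

  // What the PII bar shows. A masked entry yields its display name plus an
  // explicit flag so the UI can mark the text as a display name, not PII.
  render(entry) {
    return { text: this.label(entry), isDisplayName: entry.displayName !== null };
  }

  // Auto-completion: keystrokes are matched against the display name when
  // one is set, never against the masked secret itself.
  complete(prefix) {
    return this.entries
      .filter(e => this.label(e).startsWith(prefix))
      .map(e => this.render(e));
  }

  // Form fill: whichever way the entry was selected, the actual PII string
  // is what goes into the page, never the display name text.
  fill(selectedText) {
    const entry = this.entries.find(e => this.label(e) === selectedText);
    return entry ? entry.value : null;
  }
}

// Constructed sample session (values are made up for the example).
function demo() {
  const h = new PiiHistory();
  h.remember('4111111111111111');        // constructed card number, shown in clear
  h.remember('correct horse battery');    // constructed password, to be masked
  h.mask('correct horse battery', 'bank login');
  return {
    shown: h.entries.map(e => h.render(e)),
    completions: h.complete('bank'),
    leak: h.complete('correct'),          // must be empty: secret is never matched
    filled: h.fill('bank login'),         // the real password, not the display name
  };
}
```

The `leak` check is the property worth testing in any real implementation: once a string is masked, typing its first characters into the PII bar must not surface it, since that would turn auto-completion into a shoulder-surfable oracle for the secret.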

