As a case study relating to my previous post on password input-boxes, I present eToro, a social foreign exchange trading service. Here’s what you see if you want to sign up:
As you can see, a standard sign-up screen. All is well in the world, and look, they even did away with the confirmation boxes for password and e-mail. Innovative!
But maybe a password confirmation box would be useful in case you made a typo? Oh, not to worry! Right as you press the “Sign-Up” button, you get this security disaster:
Your password, which you previously painstakingly entered blind, is now completely visible, right after you pressed Sign-Up. This obviously makes the previous masked password-box totally useless. The negative usability experience caused by the password-box was for nothing.
Of course they also send your password in an e-mail, just to make absolutely sure any bystander has seen your password, and if someone ever gets into your mail account, he or she also has access to your eToro account.
Here’s how to fix it, eToro:
- If you’re of the opinion that you should use a password input box, make sure the user’s password is never visible anywhere on your site. Otherwise any security you might have gained by masking the user’s password is lost. Remember why password boxes were invented in the first place!
- Don’t send the user his password in an e-mail! If a bad person ever gains access to the user’s mail account, he also gains access to the user’s eToro account by searching for any mails containing the word “password”. Just make sure you have a “Password Recovery” feature which is both fast and secure, to replace the e-mailed password.
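To show what the second fix looks like in practice, here is an added example (my own sketch, not eToro's code) of a password store that never keeps the plaintext, paired with a single-use, expiring reset token that can go in a recovery e-mail instead of the password. The in-memory dictionaries stand in for a database; `TOKEN_TTL_SECONDS` and the PBKDF2 round count are assumed values.

```python
import hashlib
import secrets
import time

# Constructed in-memory stores standing in for the service's database
# (assumption: a real deployment persists these server-side).
_users = {}         # user_id -> (salt, pbkdf2 hash); the plaintext is never stored
_reset_tokens = {}  # sha256(token) -> (user_id, expires_at)
TOKEN_TTL_SECONDS = 15 * 60   # assumed reset-link lifetime
PBKDF2_ROUNDS = 600_000       # assumed work factor

def set_password(user_id, password):
    """Store only a salted PBKDF2 hash. Because the plaintext is never kept,
    the service cannot echo it on screen or mail it back later."""
    salt = secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    _users[user_id] = (salt, digest)

def verify_password(user_id, password):
    """Recompute the hash for the stored salt and compare in constant time."""
    if user_id not in _users:
        return False
    salt, digest = _users[user_id]
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return secrets.compare_digest(candidate, digest)

def _hash_token(token):
    return hashlib.sha256(token.encode()).hexdigest()

def issue_reset_token(user_id, now=None):
    """Create a random, short-lived, single-use token. The plaintext token goes
    into the reset link in the e-mail; only its hash is stored server-side, so a
    leaked token table does not yield working reset links."""
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)
    _reset_tokens[_hash_token(token)] = (user_id, now + TOKEN_TTL_SECONDS)
    return token

def redeem_reset_token(token, new_password, now=None):
    """Consume the token (so it cannot be replayed) and, if it is known and
    unexpired, set the new password. Returns True on success."""
    now = time.time() if now is None else now
    entry = _reset_tokens.pop(_hash_token(token), None)
    if entry is None:
        return False
    user_id, expires_at = entry
    if now > expires_at:
        return False
    set_password(user_id, new_password)
    return True
```

Recovery then works without the server ever knowing the old password: the e-mail carries a link containing the token, and redeeming it is the only way to set a new one.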