Questions tagged [ux]
UX: user experience. Related to, and influenced by, UI (user interface).
6
questions
29
votes
6
answers
7k
views
Is it insecure to display the number of characters when users enter a new passphrase?
When users are entering a new passphrase somewhere, it's helpful to provide feedback on the number of characters received by the system.
In a user experience (UX) test I just ran, my user created a ...
2
votes
3
answers
355
views
Why do web browsers provide websites with plain text passwords? [duplicate]
Suppose I sign up for website.com with username "John" and password "Secret".
Currently the webbrowser supplies website.com with my real plain text password, and we must trust them to salt and hash ...
0
votes
0
answers
167
views
Would a mechanism for a same-password separate admin account solve the problem of UAC bypasses in Windows?
The standard role-separation mechanism in Windows for a local administrator is to have a single account, but protect it using UAC, and configure it for Always Notify if increased security is desired. ...
6
votes
1
answer
4k
views
Security with non-expiring sessions
Sessions expire differently on different places on the web:
StackOverflow: never expires
Twitter: never expires
Facebook: never expires
Stripe: expires after like 30 min or an hour or so
Some bank ...
2
votes
1
answer
459
views
Two factor authentication: Why ask for password first? [duplicate]
Every website that I came across that uses two-factor authentication asks the user for their password first. Then, after a correct password was entered, an SMS or an e-mail is sent that contains ...
3
votes
3
answers
277
views
Would this approach allow secure, typo-forgiving password handling?
Years back I voiced an opinion that making password handling forgiving, by accepting perhaps a single wrong character, would cost entropy but would not be leaving the barn door open; an additional ...