[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: NSSecureTextField

From: Lyndon Tremblay
Subject: Re: NSSecureTextField
Date: Thu, 28 Nov 2002 11:17:11 -0600

On 2002-11-26 15:53:45 -0700 Pascal Bourguignon <address@hidden> wrote:

Lyndon Tremblay writes:
I was wondering, should NSSecureTextField at some point be using
graphical  markers to indicate entered text? Such as diamonds,
circles, etc. Also... I  don't beleive clicking into/onto an
NSSecureTextField requires a connection to  the pasteboard server,
nor a complaint and a delay if not available.


I'd say it all depends on the degree of security that is needed.

low security: - show diamonds (gives a hint about the length of the password)

- allow paste (I've go a file with all those numerous non-sensitive but hard to remember and hard to type passwords).

high security: - don't show anything.

                - don't even think of having anything to do with a pasteboard.

                - check  that  the characters  effectively  come from  a
                  physical keyboard attached to the CPU.

                - determine the identity of the typist from the rythm of his
                  typing and
                - be prepared to send 30000 V thru the keyboard in case of
                  bad identity or bad password :-)

Ahh :) Also allow pasting for; confirmation web signup emails, and cvs web instructions etc..

But, when would the security model get dicided? GNUstep deployment, per user, local or remote, etc?


reply via email to

[Prev in Thread] Current Thread [Next in Thread]