No, this is retarded; the "unique nonreversible visualization" is trivially attacked offline by brute forcing with a dictionary of passwords. It's just the SHA1 of your password; fundamentally no different from tacking /etc/shadow to your password field as you type. It wouldn't be retarded if it wasn't expending a lot of effort (and confusing the hell out of users) to get to that bad destination. But that's what it does. When you consider "solutions" to this "problem", model it against an adversary with a camera. The author of this post means well, but just masking the password characters, like every secure system has done for the past couple decades, remains the right answer.
I don't understand. I thought the point was that unmasking would make typing more accurate, not that after you had already typed it, you'd be able to confirm what you had typed. I don't see the point in that at all.
This is neat, I like it better than the last one. I would try to come up with a more lossy version. Maybe something that hashes to one of 50 animal icons. The algorithm should be good enough that any one-letter-off typo never results in the same icon. More secure, and easier to remember.
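An added example, not code from the thread or from the post under discussion: it measures how much an on-screen indicator reveals to an observer, comparing the full SHA-1 digest described in the first comment with the 50-icon reduction proposed just above. The function names, the modulo reduction and the synthetic candidate list are all assumptions made for illustration.

```python
import hashlib
import string

ICONS = 50  # bucket count proposed in the comment above


def full_digest(password: str) -> str:
    """The whole SHA-1 digest, as the first comment describes the visualization."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest()


def icon_index(password: str, buckets: int = ICONS) -> int:
    """Lossy indicator: reduce the digest to one of `buckets` icons (assumed design)."""
    digest = hashlib.sha1(password.encode("utf-8")).digest()
    return int.from_bytes(digest, "big") % buckets


def consistent_candidates(observed, candidates, indicator):
    """Candidates whose indicator equals the one seen on screen."""
    return [c for c in candidates if indicator(c) == observed]


def typo_collisions(password: str, alphabet: str = string.printable[:94]):
    """Count single-character substitutions that still show the same icon."""
    target = icon_index(password)
    same = total = 0
    for i, original in enumerate(password):
        for ch in alphabet:
            if ch == original:
                continue
            total += 1
            variant = password[:i] + ch + password[i + 1:]
            same += icon_index(variant) == target
    return same, total


# Constructed data: a synthetic candidate space, not real passwords.
CANDIDATES = [f"constructed-{n:04d}" for n in range(2000)]
SECRET = CANDIDATES[1234]

if __name__ == "__main__":
    exact = consistent_candidates(full_digest(SECRET), CANDIDATES, full_digest)
    lossy = consistent_candidates(icon_index(SECRET), CANDIDATES, icon_index)
    same, total = typo_collisions(SECRET)
    print(f"full digest leaves {len(exact)} of {len(CANDIDATES)} candidates")
    print(f"{ICONS}-icon indicator leaves {len(lossy)} of {len(CANDIDATES)}")
    print(f"{same} of {total} one-character typos show the same icon")
```

The full digest narrows the candidate space to a single entry, while the 50-icon indicator leaves roughly one candidate in fifty. A plain hash reduced this way also lets about one typo in fifty show the same icon, so the "never the same icon" property would need a different construction.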
I was beginning to get perturbed by the inundation of password fields lately, but I actually really like this one. However, I think that it would be more effective as a browser plug-in than a site feature.
Wow, besides its functionality or not, it is a really interesting approach to solving a problem. Kudos for imagination. Back to the initial problem, after successive attempts you may remember the shape and colors; problem is, most businesses complain new users can't remember their passwords after registering, so there won't be a second time. The only way of better remembering something is by viewing it.