• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: secure uitextfield is not secure
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: secure uitextfield is not secure

  • Subject: Re: secure uitextfield is not secure
  • From: Uli Kusterer <email@hidden>
  • Date: Thu, 06 Mar 2014 09:53:35 +0100
On 05 Mar 2014, at 23:57, Quincey Morris <email@hidden> wrote:
> Incidentally, having a “fully obscured” custom text field won’t help you in the demo scenario, because the audience can still see the key images pop up on the keyboard as you type. Are you proposing removing that feedback too? (And how will you do that?)

 Unless you’re recording, the key caps popping up is less of an issue. They pop up in different places, so an audience member’s or shoulder-surfer’s eyes have to follow the cap as it’s popping up and read it that moment. At the usual typing speed, by the time my eyes have jumped to the key cap, it has closed already.

 On the other hand, in the text field it is obvious where the next character will pop up, and they show up in the proper reading order, so it is so easy to read a password I often do it accidentally.

>> How very sad ... there should really be no way I could influence Apple in
>> this regard. IE: this isn't some elaborate, hard to define bug. This better
>> not be an accident that requires energy from someone as insignificant as me
>
> I agree with the earlier post which said (more or less) that if it’s your job to demo stuff, then it’s also your (your company’s) responsibility to provide a non-secure demo platform, or a non-secure account.

 Definitely. If data is confidential enough to protect by password access, you should be using a demo server with dummy data. That’s better for a demo anyway. If you can run that demo server locally, you’re insulated from network issues during your demo like other users eating up all the bandwidth or Wifi interference.

 If, for some reason that is not an option (why?), having single-use accounts or accounts with pseudo-random single-usepasswords is probably the best. That way, even if someone sees the password onscreen, it has already changed by the time an audience member might enter it.

Cheers,
-- Uli Kusterer
“The Witnesses of TeachText are everywhere...”
http://zathras.de


_______________________________________________

Cocoa-dev mailing list (email@hidden)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
References: 
 >secure uitextfield is not secure (From: Luther Baker <email@hidden>)
 >Re: secure uitextfield is not secure (From: Fritz Anderson <email@hidden>)
 >Re: secure uitextfield is not secure (From: Luther Baker <email@hidden>)
 >Re: secure uitextfield is not secure (From: Quincey Morris <email@hidden>)

  • Prev by Date: Re: secure uitextfield is not secure
  • Next by Date: Re: secure uitextfield is not secure
  • Previous by thread: Re: secure uitextfield is not secure
  • Next by thread: Re: secure uitextfield is not secure
  • Index(es):
    • Date
    • Thread