Results 1 to 3 of 3
  1. #1
    Join Date
    Apr 2006
    Location
    Planet Earth
    Posts
    155

    Re-display password in registration form good or bad?

    When a user tries to register and the data he submits are not right such as bad email, or weak password, we would display the registration page again to him with the data he just submitted along with the error messages.

    My question is should we display the password he just submitted in HTML as this?

    <input type="password" value="s0me7Xpwd">

    Or just leave it blank and annoys him to enter another one?

    It's definitely better in user experience to insert the password again (especially when the password is all right) but would it be good with regards to security?

  2. #2
    Hi,Yes, that would be good in security aspect. Have them edit the password again.
    www.24x7servermanagement.com
    Server Management, Server Security, Server Monitoring.
    India's Leading Managed Service Provider !! Skype: techs24x7

  3. #3
    Join Date
    Nov 2006
    Location
    Karachi, Pakistan
    Posts
    1,359
    Password fields are of type "password" because that ensures that their contents are never displayed by browsers on-screen and this prevents shoulder surfing. So there is no question of editing the contents of a password field since you can never see what's entered there in the first place. So don't display the password in your error page because it would be pointless and may even be used in some clever way to exploit your users' accounts.
    Last edited by /dev/random; 04-18-2015 at 11:47 AM.

Similar Threads

  1. Starting a web hosting company in this economy, good or bad?
    By Karbon in forum Running a Web Hosting Business
    Replies: 20
    Last Post: 03-28-2009, 05:15 AM
  2. 20 vps in one server! good or bad!
    By king_o_e in forum VPS Hosting
    Replies: 33
    Last Post: 09-10-2007, 05:16 PM
  3. Run Server in virtual machine ( GOOD or BAD )
    By test1231 in forum Hosting Security and Technology
    Replies: 4
    Last Post: 07-25-2006, 03:03 PM
  4. Replies: 2
    Last Post: 01-14-2003, 10:11 AM
  5. Your home address in the NIC whois good or bad?
    By Rock in forum Domain Names
    Replies: 33
    Last Post: 01-13-2003, 09:00 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •