The Reason Passwords Appear As Dots On Text Fields

Let’s talk about those dotss that show at login pages.

What Are The Dots When Typing Your Password?

Dot placeholders seen while typing passwords are known as “masking.”

These dots aim to conceal the password with each typed letter. Each dot represents a character, but that’s the only information revealed about the password.

Stops Shoulder Spying

Hiding passwords behind these dots prevents onlookers from seeing them, especially useful in public spaces or when someone is nearby during login.

Even if there isn’t someone physically close, security cameras in public areas can pose a risk, making this feature helpful in these few cases.

It Doesn’t Protect Anything Else

Besides safeguarding against over-the-shoulder observers, the dots don’t provide additional protection.

If your computer is infected with malware, the dots offer no help.

Although invisible to the user, the browser and computer see the actual text so it can log the user in.

One thing I’ve learned over the years is that you can go into the source code of the webpage and remove these dots. Being able to remove these dots with a few keystrokes really puts into perspective of how little protection they give.

There are methods to remove these dots by going into the webpage’s source code, useful when a website lacks a “show password” option.

Operating systems are getting better about secure textbox areas like the password fields. The macOS operating system blocks other applications from reading your keystrokes when you’re entering something into a secure field such as a password. While it won’t stop most malware, it’s a step in the right direction.

See my post on better securing one’s self: “15 Rules for Better Computer and Internet Security“.

Other Ways To Know The Password?

While the dots on the screen prevent others from glimpsing a password, they don’t halt other methods of password acquisition.

For instance, if someone is peering over a shoulder, they could easily observe the keyboard during typing to discern the password.

You can even go spy-like and use the sound of you hitting the keys on the keyboard to figure out your password.

The dots in the password field primarily protect against “over-the-shoulder” scenarios. Their continued use might be more about habit; society has been conditioned to recognize dot placeholders as indicators for password entry. Avoiding the mishap of entering a password in the username field, which isn’t always hashed or encrypted, is crucial.

Therefore, the primary purpose of these dots is to signal the correct field for password entry. They serve as a reassuring cue that this is the designated spot for entering passwords.

Use A Password Manager

The most effective strategy for securing passwords is utilizing a password manager.

This tool saves all passwords and stores them in an encrypted vault, which is then secured using a master password.

We have a video on how to get started with a password manager here.

If you don’t trust the password manager because of “keeping all your eggs in one basket,” then we have a solution here.

If password managers are not your thing, then a password book is the next best thing. Just make sure to use random passwords for every account.

For optimal security, a password manager is the top choice. It only fills in the password when the URL matches its records. Additionally, it auto-fills the password, preventing others from hearing or seeing the typing of the password.

Just make sure to write down the master password and other important information. We have a post here that goes over the password manager emergency sheet that you should set up.

Leave a Comment