User Experience Design: Masking the password or plaintext password

Picture references from buckeyesecure.osu.edu

The idea of using plaintext passwords by Jakob Nielsen, a renowned usability expert, has caused a lot of controversy right away.
Here I translate this controversial article and tell me after reading, what is your point of view?

It's time-- in most cases, when a user enters a password, they display it in clear text. All along, providing feedback and visualizing the state of the system is the most basic usability principle, and it is absolutely impersonal to display symbols that look exactly the same when a user enters a complex password.

The vast majority of websites (and many other applications) hide passwords that users enter, in theory, to prevent a handful of evil people from peeping into the code behind you. In fact, a criminal who is out of the gutter can simply remember that you pressed those keys by looking at your keyboard, masking the code and not protecting you in front of the peeping person.

Most importantly, there is no one to look at your password at all, you are squatting in the room alone, endure the bad usability to guard against a p.

The cost of covering up

Password masking has proven to be an extremely shameful usability issue in our mobile devices (cell phones, etc.) tests when input is very difficult and feedback is no different. Of course, this problem also exists in desktop systems.

When you make it harder for users to enter passwords, you create 2 problems-one of which actually lowers security:

1. Users make more mistakes because they can't see what they're typing. So they feel less confident, which doubles the decline in the user experience, and people are more likely to give up and leave your site, meaning you're losing business. (in the case of a local area network, additional technical support calls)
2. The more unsure the user is about the input password, the more likely they are to use a too simple password or B. Copy and paste passwords from a file, both of which can result in loss of security.

Of course, sometimes there is the possibility of being unauthorized by the side of others, such as in the Internet café. So is it possible to provide a checkbox for the user to choose? For high-risk applications such as bank accounts, the default is to select the disguise password. In the trade-off between security and usability, security is sometimes more critical.

But in most cases, a clean plaintext password feedback will make the user very happy, your business will increase, and even security will increase the slightest bit.

Discard the old design!

It's really not a lot of reasons to disguise the popularity of passwords, except for a. Easy to do or B. This is the early default design of the Web page. At this point it is similar to the other usability issue, "provide the reset button" in the form, which is also the thing to go to hell with.

In general, I would suggest that you follow established rules and do what users expect, so that they can focus on understanding your product rather than on the UI.

But masking the passwords and resetting the buttons is not something that users take the initiative to look for, and removing them will not create confusion, instead they would be a clear text box (for masking passwords), and a blank area (for the button that once killed all my input).

This is not to remove what the user is looking for, or to introduce what the user does not understand. To clean up these sanitary corners of the internet and sweep away all the things that have been "there" for "always There".