[Bullet Magnet]

This question applies to everyone.

Which method do you feel is best for registration/setting passwords? I've accepted the 'confirm password' method as a convention for several years now, but it seems more and more applications are migrating to the option to unmask your password. Certain UX studies have shown that masking the password and asking for it twice have led to lost business (I've heard stranger things).

I'm trying to implement one of these approaches in PassShed and am leaning toward the option to unmask your password.

[BlackCat]

When registering somewhere, I've never run into the unmasking phenomenon yet. But from the way you're describing it, I don't like it.

Psychologically, when I'm typing my password somewhere, I never want to see it. It should be hidden. Having those little dots just affirms security to me; it gives me a sense of protection knowing that my data will cared for and respected. On top of that, I wouldn't want anyone over my shoulder or some dude with powerful binoculars looking in my window seeing it. My keystrokes, on the other hand, are less distinguishable.

I love typing my password twice. I can see how slow typers may prefer the unmask option because I have seen firsthand how frustrated some people can be when they goof. I don't care though because it takes me an extra 2-4 seconds. If I were you though, I would go with the confirm password option... Actually seeing my password on the screen freaks me out.

To have more confidence in your decision, whichever you decide, you should expose your poll to about 1,000 more people.

[Bullet Magnet]

Here is a discussion that sparked my interest in the subject.

The more I think about it, though, I think I'll stick with the dual-entry option. Aside from convention, it probably suits the majority of users.

Also, PassShed's master password is rather important since losing it means losing access to all of your data. I wouldn't want to risk a user being surrounded by prying eyes and leaving their password masked without checking it before submitting it.

[Zorro]

Smashing Magazine covered this [link] a few years ago. It wasn't received very well by a lot of various UI designers and developers, but ultimately everyone had their own opinions of it.