Consistent reporting of hidden characters in password fields

[feerrenrut]

Is your feature request related to a problem? Please describe.

There is a lack of consistency to how password characters are reported. Different password fields use different characters as a masks, some use a bullet, others an asterisk. When speak typed characters is on, NVDA reports "star" as you type. However, when moving by character (arrow keys) or deleting characters, the mask character is reported. This could be confusing for users.

Describe the solution you'd like

Since we are able to detect that we are in a password field, all these actions should report the same thing. Arguably the actual character is not important, and familiarity of the password field is more important. Rather than report star, overloading it's semantics, we could play a sound for each password character.

Describe alternatives you've considered

• Reporting "star" in all situations.

• Querying the the actual password mask character being used by the control, and reporting and using that. This may require not reporting the character in password fields until the character shows up, introducing some extra latency while typing. It would need to be tested to asses the the full impact.

  Additional context

[XLTechie]

On Mon, 27 Jul 2020, Reef Turner wrote:

• Querying the the actual password mask character being used by the control, and reporting and using that. This may require not reporting the character in password fields until the character shows up, introducing some extra latency while typing. It would need to be tested to asses the the full impact.

I am at least partially inclined toward that option, assuming this is an actual problem.

The primary reason is that some sites, user manuals, etc., tell people what actually appears when you type a password ("as you type, black circles will appear to hide your password").

If people are likely to be confused by NVDA's use of stars then subsequent use of the actual character, as is now the case: aren't they likely also to be confused by hearing "star" when the manual tells them it should be something else?

Personally I think this is a non-issue, but if it is going to be an issue, taking it to its logical conclusion, we should use the actual character.

[XLTechie]

Since we are able to detect that we are in a password field, all these actions should report the same thing. Arguably the actual character is not important, and familiarity of the password field is more important. Rather than report star, overloading it's semantics, we could play a sound for each password character.

Re-reading this, that is actually better. If any character based option is considered, I still hold to my former comment; but if an earcon is to be considered, that is probably better as a replacement for the current "star", and leave the actual character speaking for review actions.

My main (mild) objection is to using star or earcons in all contexts.

[CyrilleB79]

What about actual situation and expected result regarding braille?

[Brian1Gaff]

Well, I find that most say star, but some say black circle, whatever that is, one assumes the character reported back is at the discretion of the person designing the page. I have to say that I've started to enable password reading since I'm such an awful typist! Obviously not the thing to do in public though. Brian

bglists@blueyonder.co.uk Sent via blueyonder. Please address personal E-mail to:- briang1@blueyonder.co.uk, putting 'Brian Gaff' in the display name field. Newsgroup monitored: alt.comp.blind-users ----- Original Message ----- From: "Reef Turner" notifications@github.com To: "nvaccess/nvda" nvda@noreply.github.com Cc: "Subscribed" subscribed@noreply.github.com Sent: Monday, July 27, 2020 5:58 PM Subject: [nvaccess/nvda] Consistent reporting of hidden characters in password fields (#11429)

Is your feature request related to a problem? Please describe.

There is a lack of consistency to how password characters are reported. Different password fields use different characters as a masks, some use a bullet, others an asterisk. When speak typed characters is on, NVDA reports "star" as you type. However, when moving by character (arrow keys) or deleting characters, the mask character is reported. This could be confusing for users.

Describe the solution you'd like

Since we are able to detect that we are in a password field, all these actions should report the same thing. Arguably the actual character is not important, and familiarity of the password field is more important. Rather than report star, overloading it's semantics, we could play a sound for each password character.

Describe alternatives you've considered

• Reporting "star" in all situations.
• Querying the the actual password mask character being used by the control, and reporting and using that. This may require not reporting the character in password fields until the character shows up, introducing some extra latency while typing. It would need to be tested to asses the the full impact.

Additional context

-- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/nvaccess/nvda/issues/11429