Jakob Nielsen has a posting that I think runs against the grain of what most security experts would say is necessary for protecting passwords. He argues that masking passwords, a practice left over from the web’s early days, does not really improve security and reduces usability.
