In the past every website wants you to choose a username, password, and then confirm the password. They must match perfectly. Now in the past couple months many just ask for the password once. Is this a new web design standard, or did I just hit some Baader-Meinhoff situation and multiple websites decided to do the same thing independently?
I must say I have not seen that, but it seems like it would go hand-in-hand with the current trend of providing an option not to have the password starred out as you type it. The two-password-field thing is primarily a defense against making a typo when you set your password and not knowing it because you can’t see it.
Not starring out your password is just an acknowledgment that people shoulder-surfing your password as you set it is not as big an attack vector as people thought it would be in the 90s.
I haven’t seen that specifically.
I have seen that strong password thing where they choose it for you and then your browser remembers it.
I can guess why this has changed, but not the how.
Sidetrack: In the 1970s, I used the PLATO system, a very early interactive multi-user system. When you entered a password, for each letter you typed, it would display a random number of X’s, between 1 and 3. The idea was that someone shoulder-surfing you would not only not see the password, but probably couldn’t even tell how many characters it contained. I haven’t seen that particular paranoia since then.
But also remember that way-back-when video terminals were not that common. Most people were logging in on paper-printing terminals. So you didn’t want the password printed in the clear on a roll of paper that bad guys could find in the waste basket or in piles behind the terminal.
True, but PLATO used plasma display terminals, not paper. Actually, the plasma display was invented for PLATO terminals. PLATO was quite advanced for its time in many ways.