01-12-2012 12:37 PM
I downloaded AppWorld 184.108.40.206 and successfully updated BlackBerry ID. (No problems there, unlike for many others here).
However, now when I log into AppWorld (maybe this is actually BlackBerry ID?) the password field shows up in clear text (even when the "Show password" box is not checked). Not the most amazing from a security point of view, but much more annoying is that since it displays in clear text, SureType tries to be clever about turning the password into an English word.
Choosing actual words for a password is also a bad idea, and in fact I have chosen passwords for all accounts I use on BB to use only numbers or the leftmost of two letters so that I can type them pressing each button once (with ALT for the numbers) - but that only works if SureType is not enabled (and generally for passwords, SureType is disabled and multi-click mode is used).
As an added insecurity bonus, I suspect that at some point I might end up teaching SureType to recognize my password, meaning that it will show up in its dictionaries - also not good.
When will RIM fix this problem for SureType phones (ideally including the touchscreen ones in SureType mode but I would be happy with a fix for just Pearl)? The password field should have a conventional *****x password display where only the most recent character is visible for a second, in multi-click mode, with SureType turned off by default. The current mode is insecure (even on non-SureType phones, clear-text password display is a bad idea) and extremely annoying for SureType users.