Add “Visibility Eye Icon” Option to Read-Host #19726
Comments
aksarben
added
Issue-Enhancement
|
You can write function to implement red eye: function Prompt-User {
param ( [Parameter()] [switch] $Unsecure )
if ($Unsecure) { $data = Read-Host "`e[31m`u{1f441}`e[0m Enter" }
else { $data = Read-Host "Enter" -MaskInput }
return $data
}
PS > Prompt-User -Unsecure
PS > Prompt-User
|
|
@237dmitry, your function won't help, because the intent is to have masked input by default, and then - while the masked prompt is already being displayed - have the option to temporarily unmask the input. A few thoughts:
|
|
Yeah, I understand there's no free lunch.
Another point I thought of since submitting the suggestion:
It has the potential to decrease account lockouts due to (accidentally) repeatedly entering wrong passwords.
Just sayin…
…___________________________
The Cyber Hymnal™ <><
http://www.hymntime.com/tch
|
|
The functionality is in the host part rather the
I'd settle for the these printing a warning if caps lock is on, which would probably halve the problem. :-) |
This is one-minute-written script example. Not the solution nor the suggestion. |
kilasuit
added
the
WG-Cmdlets-Utility
|
@237dmitry, if you had stated your fundamental opposition to this feature request up front - on the grounds of security, as you state - you wouldn't have had to suggest an - even less secure - (non-)workaround, and there would have been no need for this back-and-forth. |
Agree. At the very least it would need an option so corporate security could turn it off. |
How about "reveal while [key] is held" to temporarily show masked input while the input is still in progress? |
|
@dwtaber, while that sounds like the best option for a console-based UI, the challenge is how to advertise this feature to the user (documenting it wouldn't be enough, as the target audience for such a feature may not even know PowerShell). Of course, leaving it up to the script author to include something like "hold down Alt for 2 seconds to temporary reveal what you've typed" in the If such a feature does get implemented, it should probably also be included (possibly by opt-in in all cases) in |
|
While you can't do this today in Read-Host, what you could do is use Terminal.Gui to create a form that has a text field for the secret and a button to toggle the This is created from the example on the readme and shows the text box with text visible and hidden.
|
|
Thanks, @ThomasNieto - The bigger question with respect to this feature request - and others like #19680, #19664 and #16660 - is where to draw the line between what makes sense to build into PowerShell's standard cmdlets vs. what to leave to speciality third-party libraries. (Personally, I think accommodating very common use cases as part of the standard cmdlets makes sense.) |
|
I think a TUI based cmdlet as @ThomasNieto suggested (perhaps as part of https://github.com/powershell/graphicaltools would be best as that module already leverages Terminal.Gui.
|
|
Not sure I understand. Are you saying most people paste passwords from the clipboard? Don’t think I could agree, given that the visibility icon is used on thousands of Web sites. |
(a) The request is for a clickable icon. I can't think of case where something in the CLI happens as a result of clicking something. In a browser (or anything GUI based) click control A and to change the display parameters of control B is pretty standard.
|
|
Quick preface: When I use the terms specious and fallacy, they are shorthands for - alleged - This thread has been hijacked with specious arguments similar to what happened in #19680:
Additionally:
If the argument is: "The underlying functionality should never have been implemented / will go away soon, so there's no point in enhancing it."
On a meta note:
|
|
Much has been said here and #19680 and its spin offs. This issue is different - GUIs now commonly feature a reveal password button and CLIs don't. I've asked people to give a CLI example but haven't seen one yet. Here it's not possible to say "Good idea, write it and share it", because it needs functionality not present in |
This is enough scope creep that it really should be its own feature request, but what I'm thinking of is a general mechanism for temporarily displaying hints while waiting for user input, similar to how progress information is only shown while the activity is still in progress. A
Personally, I'd lean toward making it a feature of how prompting for masked input works in general. |
Sometimes, it takes someone giving voice to a previously unexpressed need. If you voice it, they may join in the chors, if you will - obviously, that may take time. Based on the the pre-open-source days, PowerShell users have been trained to quietly put up with and work around PowerShell's warts, due to lack of official responses. It seems to me that spirit is, regrettably, still alive - to everyone's detriment.
That many people put up with the inconvenience of having to implement themselves what the built-in cmdlets should support is no argument against adding the necessary features to the latter.
This mindset is a fundamental barrier to the progress of the language.
There was no reason for it to turn into that, as that debates was not worth having: there's ample precedent for such "convenience duplication"
Expecting a freshly hatched feature request to show "a lot of demand" is disingenous.
A false dichotomy, as previously explained:
The only question that matter is: does the feature request fit in with the core mandate of the cmdlet at hand? Waiting for potential community implementations that may or may not gain any traction - not least to due to lack of exposure - is a guaranteed way not to see the built-in functionality improved, but not necessarily due to lack of demand.
If the functionality is useful, let's close that gap.
@ThomasNieto'e example shows you that it's possible.
Not necessarily: if an issue is labeled "up-for-grabs", the bulk of the effort is on whatever community member decides to take this on. |
|
Here is a proof of concept using Terminal.Gui:
I think this specific proof of concept / feature would be a good addition to the ConsoleGuiTools module as @SteveL-MSFT has mentioned. |
|
To be clear: My arguments were of a general nature, as I was getting the impression that feature requests are being opposed on grounds unrelated to their intrinsic merits. Yes, there can ultimately be pragmatic reasons not to implement a request, but I feel that every request deserves "steel-manning", even if it turns out not to be viable (whether at all or as a core feature). @ThomasNieto's contributions here and @SteveL-MSFT's suggestion exemplify this spirit, and for the request at hand I personally agree that https://github.com/powershell/graphicaltools is the better place for such a feature (whereas I do think #19680 deserves to be implemented as part of
This reminds me of the suggestion to generalize
|
|
Sticking to |
Summary of the new feature / enhancement
Can an optional parameter be added to PowerShell’s Read-Host command to show a “visibility eye icon” (aka the “Password Reveal button,” looks like Unicode character “👁”, U+1F441)?
Many secure sites and applications use this technique to let users temporarily display otherwise-masked input in plain text.
This would be a great aid in helping the user verify that he’s entering data correctly. Many times I’ve gotten an “incorrect password” error because I didn’t realize I’d made a typo when entering the password.
For security purposes, the “revealed” input should probably revert automatically to “masked” after a short time interval, or when focus moves to another input field.
Proposed technical implementation details (optional)
No response
The text was updated successfully, but these errors were encountered: