Recently, I was in a meeting where several people gave presentations via a projector. As almost always happens, there were minor glitches in transitioning the projector connection from one notebook computer to the next. As part of her presentation, one unsuspecting person needed to log in to a site. Without looking at the screen to see what was actually being displayed, she ran through her login and password and clicked ‘ENTER’. She then looked up and saw that she had accidentally entered her password in the ‘NAME’ field. The result was that for several seconds, 9 strangers saw her full access credentials for the site. Nobody said anything. She cleared the fields and ran through the process again – this time successfully.
At the break, after talking about the material she presented, I quietly suggested that she change her password. “What do you mean?” When I explained that there were 9 additional people who now knew her information, she looked surprise. “Oh, that little slip when I started! I’m sure that no one here has any reason to do anything funny.”
We humans are a trusting species, especially when face-to-face contact is involved. Unless we have a specific reason to be suspicious of someone, we usually give people the benefit of the doubt about possible bad intentions. That’s fine and necessary for our daily lives: the local grocer and paperboy don’t want to rip us off; if we didn’t trust the other drivers on the road, then we would never be able to get anywhere. But we still have keys to lock up our stuff.
As for accidentally revealing all or part of a password, I’ve had it happen to me at inopportune moments in the past, and it’s not that uncommon to see it when working with people at a projector or a monitor. The people sitting around may or may not notice what happened, and they probably aren’t interested in your passwords. But you never know. And why would you take the risk? Next time something like that happens to you, make sure you double back at the first opportunity to change that password.