The Password Reveal Button resembles an eye.
When you click the Password Reveal Button, you'll see the actual text of your password, as shown in Figure B. Of course, the goal of the Password Reveal Button is to allow you the opportunity to check the spelling of your password before you click the arrow button to log in.
When you click the Password Reveal Button, you can check the spelling of your password.
While some may see this as a helpful convenience, some may see it as a potential security breach. If you fall into the latter group, then you may be interested to learn that you can disable the Password Reveal Button.
Fortunately, disabling the Password Reveal Button is easy once you know how to do it. If your edition of Windows comes with the Local Group Policy Editor, then you can disable it there. If not, you can disable the Password Reveal Button with a quick registry hack. In this article, I'll show you how to use both techniques to disable the Password Reveal Button.
Make a backup
Just to be on the safe side, you should make a backup of your system - especially if you will be using the registry edit method. If you want to have a full backup on hand, check out the article Restore Windows 8 with System Image Recovery where I showed you how to create a system image. If you already have a current system image, you may simply want to create a restore point as I showed you in the article Use System Restore as a recovery tool in Windows 8. Of course, you could do both.
The registry method
If you are using the standard version of Windows 8, you can disable the Password Reveal Button by adding a new key and value to the registry. To begin, launch the Registry Editor by pressing [Windows]+R to access the Run dialog box, typing Regedit in the open text box, and clicking OK. Of course, you'll have to deal with the UAC. Then, open the following subkey:
When you access the Windows subkey, you'll add a new Key called CredUI. Right-click the Windows Key and then select the New | Key command, as shown in Figure C. When the new Key appears, name it CredUI.
You'll begin by adding a new Key to the registry.
Now, right click the CredUI Key and select the New | DWORD command, as shown in Figure D. When the new value appears, name it DisablePasswordReveal.
You'll then add a new DWORD value.
Then, double click the new DisablePasswordReveal value and set the Value data to 1, as shown in Figure E. To put the new setting into action, click OK, close the Registry Editor, and restart your system.
Setting the Value data to 1 disables the Password Reveal Button.
Using the Local Group Policy Editor
If you are using Windows 8 Professional, you can disable the Password Reveal Button by changing a Group Policy setting. To begin, launch the Local Group Policy Editor by pressing [Windows]+R to access the Run dialog box, typing gpedit.msc in the open text box, and then clicking OK.
Once the Local Group Policy Editor is up and running, navigate down the Local Computer Policy tree to the Computer Configuration | Administrative Templates | Windows Components folder. Then locate and select the Credential User Interface folder. When you do, locate and select the Do not display the password reveal button setting as shown in Figure F.
In Windows 8 Pro, you can disable the Password Reveal Button in the Local Group Policy editor.
After you double click the setting you'll see the configuration page and will need to select the Enabled radio button, as shown in Figure G. Notice the Requirements section lists this setting as being for Windows RT as well as for Windows 8. To continue, click OK and close the Local Group Policy Editor.
To disable the Password Reveal Button, you'll select the Enabled radio button.
No more Password Reveal Button
Regardless of which method that you used to disable the Password Reveal Button, when you log in to Windows 8, your password is securely hidden, as shown in Figure H.
The Password Reveal Button no longer appears on the Windows 8 Logon screen.
What's your take?
Do you feel that the Password Reveal Button is a helpful convenience or do you feel that it is a potential security breach? Will you disable it? As always, if you have comments or information to share about this topic, please take a moment to drop by the TechRepublic Community Forums and let us hear from you.
Greg Shultz is a freelance Technical Writer. Previously, he has worked as Documentation Specialist in the software industry, a Technical Support Specialist in educational industry, and a Technical Journalist in the computer publishing industry.