Follow TV Tropes


Highly Visible Password

Go To
Incorrect password. Please try again.
Correct. Welcome to the page.

When passwords are being entered, they're always displayed on screen in plain text, rather than asterisked out. Why? So you can see how clever either the characters or the writers are being; often it being some kind of reference or pun.

They will also usually be all-caps and include no punctuation, whereas in real life you're encouraged to mix cases and use symbols to foil dictionary attacks.

Part of the office-variety Viewer-Friendly Interface.

In a futuristic setting, the password may even be spoken to the computer. In the future, nobody minds if the Bridge Bunnies know The Captain's security codes, since the computers are smart enough to make sure the code is spoken by the correct voice and apparently nobody uses a tape recorder in the future.

Compare The Password Is Always "Swordfish", Password Slot Machine. Often lends itself to Override Command. Not to be confused with the popularity of a certain game show.


    open/close all folders 

  • Taken to extremes in this episode of Jinnai Tomonori's series. It repeats his PIN out loud for confirmation, then displays it on-screen in a large font.

    Comic Books 
  • In the Watchmen comic, not only does the password show up on the screen, the computer helpfully informs the person breaking into the system that the password is incomplete. Hey, it was The '80s, it was a simpler, more naive time; you don't know things didn't work that way then. There's also a theory that Ozymandias wanted them out of New York City before he kills half of the city's population to prevent a nuclear war between the United States and Russia.

    Film — Animation 
  • Taken to its extreme in The Incredibles. Not only does Syndrome's computer display the password, but his monitor is the size of an IMAX screen and the letters are several feet tall. Of course, just to get to the computer you have to get past a literal firewall (a waterfall of lava) and an array of anti-superhero turrets fire at you if you get the password wrong, so Syndrome probably isn't too worried about unauthorized users seeing his password.

    Film — Live-Action 
  • In the Bibi Blocksberg movie, Rafea uses a spell to make the password of Mr. Blocksberg's computer a highly visible one.
  • Strange inversion in the Death Note movie: the username is asterisked out while the password is highly visible. Some Real Life systems actually work that way.
  • In Tidal Wave No Escape, this is how the user is shown ahead of time that the big bad's ultimate (and all-caps) computer password is the hero's name.
  • The password entered by Kevin Flynn to enter the Master Control's computer system in TRON would have been a better one if it wasn't so visible: REINDEER FLOTILLA, 17 characters in all (remember, spaces count!!) Given a Mythology Gag in TRON 2.0, as the password REINDEER TORTILLA activates a battalion of read only and indestructible tanks, forcing Jet to run a gauntlet.
    • Still better than his rival Dillinger's: MASTER. Dillinger's stupidly simple password almost works as Foreshadowing to indicate he's actually crap at programming and didn't earn his position honestly. The silly passwords are almost Justified by the era. Computer networking and security wasn't as much of a thought in the early 80's.
  • In Unknown (2011), when Liz types in the passwords, they are visible in plain text. And they are using spaces.
  • WarGames has a Highly Visible Password typed in a terminal program. In most real-life command line programs, a password simply won't show up at all rather than showing up either as plain text or as asterisks. This can be irritating if you don't realize you've made a typo because you can't see that there's one extra asterisk.
  • Played straight in White Frog when Nick is trying to get into his dead brother's email account at home. Later averted when Nick is trying different passwords on a public bench and all the letters are asterisked out.

  • When running through the security check to power up one of the setting's Humongous Mecha in BattleTech novels, the passphrase is always spoken out loud. Less of a security risk than it may seem since the pilot is usually alone in the cockpit at the time and other ways to hack into and take over a 'Mech exist anyway, but definitely a case of Viewer-Friendly Interface.
  • In The Secrets of the Immortal Nicholas Flamel the speaking passwords out loud variation is used, with the passwords to the various security systems of Machiavelli's all being the Italian titles of his works. Fortunately, they do have voice recognition, so it's not as if his enemies could just hire a Renaissance scholar to crack them. And nobody knows (or would believe) he's the original Machiavelli anyway.

    Live-Action TV 
  • Happens in Heroes when Mohinder's trying to guess his father's password.
    • Ditto when Elle was trying to get into her father's computer
  • Sherlock:
    • In "A Scandal in Belgravia", after Sherlock correctly infers that the blanks in the password to Irene's smartphone, which displays "I AM ***LOCKED," should be filled in with the letters S,H,E and R, they appear rather dramatically on the phone's screen.
    • And again in "The Hounds of Baskerville", with the password to Major Barrymore's mainframe.
  • All versions of Star Trek have the "say the password aloud" version of this trope. They are checking for voice matches too, but a few episodes have shown that the computer can be fooled by a recording of the officer in question saying the password - or even just a really good impersonator.
    • Also, what happens if the officer in question catches a cold?
  • The X-Files, "Little Green Men": When Agent Scully needs to open a password-protected file on Mulder's computer, her guesses are visible to viewers. She tries SPOOKY (Mulder's nickname), SAMANTHA (name of his abducted little sister), and the third is the charm: TRUSTNO1, which are the dying words of Mulder's first Mysterious Informant Deep Throat.

    Video Games 
  • At one point in Broken Helix, the player is given the password for a computer containing the files for Project Broken Helix. This trope occurs when the player enters the password, which clearly says "Contact".
  • Every time you encounter a keypad locked door in one of the Crusader games, there will be a computer nearby with an email on the screen reading something to the effect of "In accordance to our security regulations, the access code to the lab has changed. The new code is 349".
  • In the game Fallout 3, when a player attempts to hack a computer, not only does the computer conveniently provide a list of possible passwords, it also tells you how many letters are correct and in the right place.
    • Ironically the password is asterisked when you type it (i.e. when you know it).
  • Many networked arcade games by Konami will require you to enter a PIN (along with your card) to log into your account. If the game is touchscreen-based, or has buttons overlaid on the screen like jubeat, a virtual keypad will be displayed on the screen, and the arrangement of digits on the keypad will shuffle on every PIN entry attempt in order to defy this trope by preventing other people from easily guessing your PIN based on where you're tapping (the aforementioned jubeat in particular has a 4x4 grid of buttons that are quite big compared to the keys on a conventional keypad).
  • In Just More Doors, each time you get to an interface asking you for a password, it will clearly display what you type. On top of being a highly visible purple and taking almost the whole height of the wall.
  • In Mega Man Battle Network, MegaMan.EXE is always able to see the passwords and security certificates Lan needs him to handle; this is justified because as a NetNavi one of his roles is to help manage passwords, and he is typically in the right data spaces to see and manage said passwords, which are sometimes amusingly visible from his point of view as massive letters printed on huge floor tiles.
  • In the game Second Sight, the player can access computer terminals. If the terminal needs a password and the player doesn't know it then John Vattic (the Main Character) keeps entering generic passwords, which the player can see on the screen.
  • Sly 2: Band of Thieves: One mission requires you to trigger the alarms to lure a guard to deactivate them, at which point you can photograph the passcode, which is displayed in enormous digits just above the keypad.
  • In Splinter Cell: Chaos Theory there is not so much a highly visible password as a highly audible one. A guard will be having an argument with someone over the phone within earshot of the player. When the player starts listening in, the topic has changed to the dangers of speaking a door code out loud. The frustrated guard will then shout out the door code repeatedly to prove that nobody is listening in.

    Web Original 
  • TV Tropes: This very wiki unfortunately doesn't store users' passwords securely at all. If you look in your browser's cookies, you'll likely see your password there, clear as day. Since sessions aren't encrypted, this also means your password is sent in cleartext every time you load a page.

    Western Animation 
  • Code Lyoko gives us the referential type: when Jérémie is first prompted for an access code for Sector 5 (codenamed "Carthage"), we're treated to a series of dropped names from the Punic Wars before he finally gains access with "SCIPIO" (Scipio Romanus, the guy who eventually conquered Carthage).
  • In the finale of Cyber Six, Von Reichter's password to move his "Isle of Doom" is "THE LATE CYBERSIX" in hugely visible block-print letters. Of course Jose reads it rather easily and bites Von Reichter in the rear so hard with it it's not funny.

    Real Life 
  • The initial version of the Wii's Internet Browser used an on screen keyboard that showed you what you were typing, no matter what kind of field you were typing it in. The latest version will display asterisks if you are filling in a password field, but that's only if you aren't using the word completer.
    • That said, just try and input a password into a field using the screen's keyboard (ie, not plugging in a keyboard into a USB port) with someone in the room and do so without them figuring out what it is. Also, linking your Wii Shop Channel account to your Club Nintendo account requires a password which isn't masked in any way.
    • Same thing for the PS3's onscreen keyboard
  • Several touch-screen devices display the most recently typed letter of the password, with the rest being dots. For instance, if you're typing "trope", it will appear as t, *r, **o, ***p, ***e, *** . Not a bug but an Anti-Frustration Feature, as the tiny on-screen keyboard makes it very easy to hit the wrong key, and if it was all dots there'd be no way to know you'd done it until your login was refused.
    • This has been seen in iPod touch, iPhone, iPad, Android devices (if "Visible passwords" is turned on), the DSi's web browser, the 3DS & Wii U eShops, and the Blackberry Storm 9500.
    • Some versions of the Palm also did this. Stories abound of people making their passwords all asterisks to fool shoulder snoopers.
  • There's a Firefox extension called "Show my Password" that does this, for people who are annoyed by their passwords being hidden on computers located in their own homes where no one could possibly be spying on them. This is not as true as they'd like to think, at least if you're important enough to spy on.
    • Fridge Logic: if you are important enough to spy on, aren't you important enough to have a keylogger put into your computer? (Given that one of these can be done remotely...)
    • What if you don't know you're important enough to spy on?
  • The "remember my password on this computer" function can have a similar effect. Hilarity Ensues whenever someone uses this for something critical without bothering to set a login password for their PC, and it gets stolen.
    • A start-up password is *NOT* secure. They take less than two minutes to bypass by moving a jumper on the motherboard. Nor are windows startup passwords secure.
    • Even if that start-up password WAS secure, it does *NOT* lock up the documents stored on a hard drive, which can easily be accessed by another operating system to which you DO have the password. It merely prevents access through the OS installed on that drive. To secure the actual documents, you would need file encryption.
  • And then there's folks who think that passwords should not be masked by default anyway.
    • The first computer hackers, mostly found at MIT in the late 50s / early 60s, believed there shouldn't be passwords at all — everybody should have access to everybody's files — yes, even write access! They managed to keep that ideology in place in university computers for a surprisingly long time. Read all about those folks in this book.
  • Some command line programs (like the MySQL client) still have ways of entering the password in the clear.
  • In one of the more boneheaded examples of this trope, an update to a popular VPN program requires the user to enter the password by clicking on a huge on-screen keyboard. With the positions of the keys randomized, to slow you down while you search for where the A key is this time so that the person sitting next to you has plenty of time to jot down your password. The password itself is masked, presumably because it makes the joke funnier that way.
  • Inverted by Lotus Notes; the password field dumps random huge numbers of asterisks into the password field as you type so you can't even tell how long it actually is from the screen.
  • A feature that is becoming more common and is available on the Windows 8 (and up) operating system is the ability to toggle between asterisks and a visible password by clicking a small button beside the password input box.
  • Most Unix and Linux password input fields in the terminal avert this by way of not even showing anything as the password is typed.
  • A type of attack called a replay attack would allow a hacker to use a hashed password to pose as a real user. The theory is, since the hashed password is, in theory, unique, it's effectively the same thing as the password itself. Thankfully there are measures to avoid this that are easy to implement.
  • Smartphone on-screen keyboards usually avert this trope:
    • Many custom keyboards for Android will disable word prediction and completion if they detect you typing in a password field.
    • iOS will forcibly switch your keyboard to the stock iOS keyboard with prediction and correction turned off when typing in a password field, to prevent you from using a third-party keyboard that may then store that password in a way that's relatively insecure without you being aware of it.
  • Many web sites and programs will temporarily disable password masking if you submit an incorrect password, presumably on the assumption that you still know your password and just mistyped it.
  • TV Tropes wiki password changer, though an overhaul to the wiki software has since fixed that.
  • Telnet transmits all its information in plaintext, which means that anyone with a packet sniffer can see your MUD password. This is why Telnet has been deprecated for remote logins in favor of SSH.
  • Android has a unique "trace a pattern on a grid to unlock your phone" feature, which many use since it's more convenient than tapping on a virtual numpad while still being less exploitable than unlock methods based on fingerprints or facial recognition. However, early versions of Android show the pattern you're tracing by default, allowing your friend or the stranger next to you to easily see it. Furthermore, if you use the pattern enough and you don't routinely clean your screen, someone can easily figure out the pattern just from the smudges.


Video Example(s):


"Code Capture"

"Code Capture" requires you to trigger the alarms to lure a guard to deactivate them, at which point you can photograph the passcode, which is displayed in enormous digits just above the keypad.

How well does it match the trope?

5 (2 votes)

Example of:

Main / HighlyVisiblePassword

Media sources: