[TYPO3-core] RFC: #10993: install tool shows plain passwords

[Xavier Perseguers]

Hi,

>> There would be just one reason to mask the password and this is security
>> but this is not necessary here! 
> Oh yes, it is. What if somebody is standing behind you and is watching
> the screen when you enter the password(s)? Not the first time that
> passwords are stolen this way.

It's OK for me to enter the password and see it (=> no need to enter it 
twice) *but* once entered, I don't want to read it again.

Sometimes I set up a system for someone else and I want to create an 
admin account for me and one for the other, I let him enter his password 
without looking at him but then the password is shown, it's not needed 
anymore.

Same for DB password, of course I may read it from localconf.php but 
there are times I want to show someone else my configuration from 
install tool. Why should the other be able to read my DB password?

-- 
Xavier Perseguers
http://xavier.perseguers.ch/en/tutorials/typo3.html