Re: AW: The --password and clumsy users issue
From: Julian Foad <julianfoad_at_btopenworld.com>
Date: Fri, 4 Jul 2014 16:23:26 +0100
I was about to commit Ben's suggestion of changing the --password help text to
"specify a password ARG (this usually is not secure)"
as a first step that would be useful on its own regardless whether we do something more.
But then I thought about how users (myself included) tend to ignore warnings that are vague and unqualified: a "don't do that" without explaining the consequences. Does this apply to my situation?, I would wonder. It might make them/me pause for a moment, but if there's no easy way to learn why I shouldn't do X I will probably go ahead and do it.
So how about:
"specify a password ARG (insecure: on many systems,
Is that clear enough?
This is an archived mail posted to the Subversion Dev mailing list.