What about the security concept defense in depth?
I can't believe what I'm reading especially coming from Bruce S. I can somewhat see their point, but about defense in depth? They need to go work in a cube environment for a few days then rethink the idea of not masking passwords.