Some context: I'm working on a redesign of a login & registration system for a large web site. User registration is required to post comments to stories, subscribe to newsletters and post media (photos, video) for public viewing only. No financial or private data is stored other than publicly posted information.
One of my personal goals is to reduce the amount of user anxiety and friction involved with registration. I've seen some research (that I can't find now) that shows masking the password during the ubiquitous "enter password / enter password again" process is often where the most user anxiety occurs. I've also read Luke Wroblewski's musing on removing the masking completely with interest.
Has anyone seen any other research regarding registration flow and the usability / security implications of unmasking passwords during registration?
My gut instinct is that we've settled on the dual password field & masking simply because that's the default for the form input, and that in many instances where the user data being protected isn't critical this security measure can be dropped (especially on mobile). The analogy I think of is the difference between signing up for a new bank account vs. signing up for a library membership — one obviously requires a higher level of scrutiny and security than the other.
I'm trying to find data to validate or invalidate this idea and any data whatsoever would be very helpful.