I noticed today with Software Update that if you type in your password and then follow it with other characters, it will still work. For instance, if your password is "Blue", you could type in "Blue12sh" and it would still work. This seems to me like a minor, yet still possibly significant security flaw.