The status of Wayland security

I think the hair being split here is that the input security is a property that falls out as a consequence of switching to a private desktop (and that switching being robust) and is not a special property of the password-accepting application window and is not happening "in-band" of the users desktop.

I think this approach to work around key loggers has merit but only so far as the OS commits to it, and the user can identify when they are being phished, any password dialogs which happen in-band of the users desktop reduce the effectiveness of this design, even in Windows the local users password is accepted in dialogs, when changing privileged settings for example, that doesn't require a SAK to initiate the dialog.