Password masking with stars, good or bad?

Almost all users are aware of hiding password characters with stars or other such characters. But is this ubiquitos practice actually good? Jakob Nielsen argues that it isn't (always).

So as developers, which route should we choose: hide the password characters as always, or not hide them on the promise of better-quality passwords? Actually I believe the user should have a choice: let the user decide! From my day-to-day routine I can give one example: try WinZip's latest versions and try to encrypt or decrypt an archive. You are given the option. Maybe you should, too?