Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.os.linux.misc > #1594 > unrolled thread

Storing usernames and passwords in Firefox

Back to article view | Back to comp.os.linux.misc

Contents

  Storing usernames and passwords in Firefox "S.K.R. de Jong" <SKRdJ@nowhere.net> - 2011-07-05 15:11 +0000
    Re: Storing usernames and passwords in Firefox Robert Heller <heller@deepsoft.com> - 2011-07-05 10:37 -0500
      Re: Storing usernames and passwords in Firefox "S.K.R. de Jong" <SKRdJ@nowhere.net> - 2011-07-05 23:04 +0000
        Re: Storing usernames and passwords in Firefox Bill Marcum <bill@lat.localnet> - 2011-07-06 12:00 -0400
          Re: Storing usernames and passwords in Firefox "S.K.R. de Jong" <SKRdJ@nowhere.net> - 2011-07-06 17:14 +0000
            Re: Storing usernames and passwords in Firefox The Natural Philosopher <tnp@invalid.invalid> - 2011-07-06 18:42 +0100
              Re: Storing usernames and passwords in Firefox despen@verizon.net - 2011-07-06 22:45 -0400
                Re: Storing usernames and passwords in Firefox The Natural Philosopher <tnp@invalid.invalid> - 2011-07-07 05:50 +0100
                  Re: Storing usernames and passwords in Firefox Michael Black <et472@ncf.ca> - 2011-07-07 11:19 -0400
                  Re: Storing usernames and passwords in Firefox despen@verizon.net - 2011-07-07 12:02 -0400
                    Re: Storing usernames and passwords in Firefox The Natural Philosopher <tnp@invalid.invalid> - 2011-07-07 17:57 +0100
                      Re: Storing usernames and passwords in Firefox despen@verizon.net - 2011-07-07 13:17 -0400
                        Re: Storing usernames and passwords in Firefox The Natural Philosopher <tnp@invalid.invalid> - 2011-07-07 18:39 +0100
            Re: Storing usernames and passwords in Firefox Bob Henson <rh547477@gmail.com> - 2011-07-06 19:07 +0100
              Re: Storing usernames and passwords in Firefox "S.K.R. de Jong" <SKRdJ@nowhere.net> - 2011-07-07 01:19 +0000
                Re: Storing usernames and passwords in Firefox Bob Henson <rh547477@gmail.com> - 2011-07-07 08:42 +0100

#1594 — Storing usernames and passwords in Firefox

	When visiting sites that require a username and a password to 
proceed, Firefox (and Chrome, at that) sometimes offers to store the 
username and password so that I won't have to type them next time I visit 
the site. I have two questions on this.

	First, why does Firefox offer to store username and password for 
some sites, but not for some others?

	Second, is it possible to get Firefox to offer to store username 
and password for all sites that require so?

[toc] | [next] | [standalone]

#1596

At Tue, 5 Jul 2011 15:11:41 +0000 (UTC) "S.K.R. de Jong" <SKRdJ@nowhere.net> wrote:

> 
> 	When visiting sites that require a username and a password to 
> proceed, Firefox (and Chrome, at that) sometimes offers to store the 
> username and password so that I won't have to type them next time I visit 
> the site. I have two questions on this.
> 
> 	First, why does Firefox offer to store username and password for 
> some sites, but not for some others?

There are settings for that.  Also, some sites play interesting games
with JavaScript to screw with Firefox, either to specificly prevent
Firefox from storing usernames and passwords or just to be randomly
clever (because the web programs are having way too much fun writing
clever JavaScript or because some marketing idiot has a way too clever
idea or the web designer has a brain storm or the pointy haired boss
thinks he is a web designer). And other sites play other games,
including placing the password field on a separate page from the page
with the username field, supposedly as a "security feature".  

> 
> 	Second, is it possible to get Firefox to offer to store username 
> and password for all sites that require so?

Check your preferences settings.

>                                                                                                                    

-- 
Robert Heller             -- 978-544-6933 / heller@deepsoft.com
Deepwoods Software        -- http://www.deepsoft.com/
()  ascii ribbon campaign -- against html e-mail
/\  www.asciiribbon.org   -- against proprietary attachments


                                                                 

[toc] | [prev] | [next] | [standalone]

#1610

On Tue, 05 Jul 2011 10:37:22 -0500, Robert Heller wrote:

> At Tue, 5 Jul 2011 15:11:41 +0000 (UTC) "S.K.R. de Jong"
> <SKRdJ@nowhere.net> wrote:
> 
> 
>> 	When visiting sites that require a username and a password to
>> proceed, Firefox (and Chrome, at that) sometimes offers to store the
>> username and password so that I won't have to type them next time I
>> visit the site. I have two questions on this.
>> 
>> 	First, why does Firefox offer to store username and password for
>> some sites, but not for some others?
> 
> There are settings for that.  Also, some sites play interesting games
> with JavaScript to screw with Firefox, either to specificly prevent
> Firefox from storing usernames and passwords or just to be randomly
> clever (because the web programs are having way too much fun writing
> clever JavaScript or because some marketing idiot has a way too clever
> idea or the web designer has a brain storm or the pointy haired boss
> thinks he is a web designer). And other sites play other games,
> including placing the password field on a separate page from the page
> with the username field, supposedly as a "security feature".
> 
> 
>> 	Second, is it possible to get Firefox to offer to store username
>> and password for all sites that require so?
> 
> Check your preferences settings.

	In the Security tab there is a button labeled Remember passwords 
for sites. This is enabled, as it has been all along. Is there anything 
else to check?

[toc] | [prev] | [next] | [standalone]

#1631

On 2011-07-05, S.K.R. de Jong <SKRdJ@nowhere.net> wrote:
>
> 	In the Security tab there is a button labeled Remember passwords 
> for sites. This is enabled, as it has been all along. Is there anything 
> else to check?
>
If "Remember passwords" is checked, the first time you log into a site,
Firefox will ask if you want to remember the password. You can choose 
"Remember", "Not now" or "Never for this site".


-- 
Inside every older person is a younger person wondering what the hell
happened.

[toc] | [prev] | [next] | [standalone]

#1634

On Wed, 06 Jul 2011 12:00:36 -0400, Bill Marcum wrote:

> On 2011-07-05, S.K.R. de Jong <SKRdJ@nowhere.net> wrote:
>>
>> 	In the Security tab there is a button labeled Remember passwords
>> for sites. This is enabled, as it has been all along. Is there anything
>> else to check?
>>
> If "Remember passwords" is checked, the first time you log into a site,
> Firefox will ask if you want to remember the password. You can choose
> "Remember", "Not now" or "Never for this site".

	I am aware of that. The problem seems to be that some sites are 
coded in such a way that bypasses Firefox's mechanisms to cache user name 
and password, and there is nothing much one can do about it, apparently.

[toc] | [prev] | [next] | [standalone]

#1636

S.K.R. de Jong wrote:
> On Wed, 06 Jul 2011 12:00:36 -0400, Bill Marcum wrote:
> 
>> On 2011-07-05, S.K.R. de Jong <SKRdJ@nowhere.net> wrote:
>>> 	In the Security tab there is a button labeled Remember passwords
>>> for sites. This is enabled, as it has been all along. Is there anything
>>> else to check?
>>>
>> If "Remember passwords" is checked, the first time you log into a site,
>> Firefox will ask if you want to remember the password. You can choose
>> "Remember", "Not now" or "Never for this site".
> 
> 	I am aware of that. The problem seems to be that some sites are 
> coded in such a way that bypasses Firefox's mechanisms to cache user name 
> and password, and there is nothing much one can do about it, apparently.
> 
I dont think firefox stores 'secure server' logins

[toc] | [prev] | [next] | [standalone]

#1642

The Natural Philosopher <tnp@invalid.invalid> writes:

> S.K.R. de Jong wrote:
>> On Wed, 06 Jul 2011 12:00:36 -0400, Bill Marcum wrote:
>>
>>> On 2011-07-05, S.K.R. de Jong <SKRdJ@nowhere.net> wrote:
>>>> 	In the Security tab there is a button labeled Remember passwords
>>>> for sites. This is enabled, as it has been all along. Is there anything
>>>> else to check?
>>>>
>>> If "Remember passwords" is checked, the first time you log into a site,
>>> Firefox will ask if you want to remember the password. You can choose
>>> "Remember", "Not now" or "Never for this site".
>>
>> 	I am aware of that. The problem seems to be that some sites
>> are coded in such a way that bypasses Firefox's mechanisms to cache
>> user name and password, and there is nothing much one can do about
>> it, apparently.
>>
> I dont think firefox stores 'secure server' logins

Go here:

http://www.dailygyan.com/2008/08/force-firefox-to-remember-password-of.html
 or
http://tinyurl.com/68yvdr

This explains why Firefox does not ask to remember passwords in some
cases...  and how to disable the feature if you are so inclined.

Be careful.

-- 
Dan Espen

[toc] | [prev] | [next] | [standalone]

#1648

despen@verizon.net wrote:
> The Natural Philosopher <tnp@invalid.invalid> writes:
> 
>> S.K.R. de Jong wrote:
>>> On Wed, 06 Jul 2011 12:00:36 -0400, Bill Marcum wrote:
>>>
>>>> On 2011-07-05, S.K.R. de Jong <SKRdJ@nowhere.net> wrote:
>>>>> 	In the Security tab there is a button labeled Remember passwords
>>>>> for sites. This is enabled, as it has been all along. Is there anything
>>>>> else to check?
>>>>>
>>>> If "Remember passwords" is checked, the first time you log into a site,
>>>> Firefox will ask if you want to remember the password. You can choose
>>>> "Remember", "Not now" or "Never for this site".
>>> 	I am aware of that. The problem seems to be that some sites
>>> are coded in such a way that bypasses Firefox's mechanisms to cache
>>> user name and password, and there is nothing much one can do about
>>> it, apparently.
>>>
>> I dont think firefox stores 'secure server' logins
> 
> Go here:
> 
> http://www.dailygyan.com/2008/08/force-firefox-to-remember-password-of.html
>  or
> http://tinyurl.com/68yvdr
> 
> This explains why Firefox does not ask to remember passwords in some
> cases...  and how to disable the feature if you are so inclined.
> 
> Be careful.
> 

Does that mean that it saves, but is not allowed to USE those passwords?

Or you never get the option to save at all.

[toc] | [prev] | [next] | [standalone]

#1667

On Thu, 7 Jul 2011, The Natural Philosopher wrote:

>> This explains why Firefox does not ask to remember passwords in some
>> cases...  and how to disable the feature if you are so inclined.
>> 
>> Be careful.
>> 
>
> Does that mean that it saves, but is not allowed to USE those passwords?
>
> Or you never get the option to save at all.
>
Surely it means it doesn't save them.  The point of the piece seems to be 
that leaving bank account passwords around isn't good, so the browser 
won't keep them.  If it kept them but didn't use them, then that's a 
vulnerability, it allows someone to find the passwords by searching 
through the files.

I don't think it's Firefox specific.  I still use Seamonkey, and there 
doesn't seem to be a way to save a password or even username for my bank.

    Michael

[toc] | [prev] | [next] | [standalone]

#1669

The Natural Philosopher <tnp@invalid.invalid> writes:

> despen@verizon.net wrote:
>> The Natural Philosopher <tnp@invalid.invalid> writes:
>>
>>> S.K.R. de Jong wrote:
>>>> On Wed, 06 Jul 2011 12:00:36 -0400, Bill Marcum wrote:
>>>>
>>>>> On 2011-07-05, S.K.R. de Jong <SKRdJ@nowhere.net> wrote:
>>>>>> 	In the Security tab there is a button labeled Remember passwords
>>>>>> for sites. This is enabled, as it has been all along. Is there anything
>>>>>> else to check?
>>>>>>
>>>>> If "Remember passwords" is checked, the first time you log into a site,
>>>>> Firefox will ask if you want to remember the password. You can choose
>>>>> "Remember", "Not now" or "Never for this site".
>>>> 	I am aware of that. The problem seems to be that some sites
>>>> are coded in such a way that bypasses Firefox's mechanisms to cache
>>>> user name and password, and there is nothing much one can do about
>>>> it, apparently.
>>>>
>>> I dont think firefox stores 'secure server' logins
>>
>> Go here:
>>
>> http://www.dailygyan.com/2008/08/force-firefox-to-remember-password-of.html
>>  or
>> http://tinyurl.com/68yvdr
>>
>> This explains why Firefox does not ask to remember passwords in some
>> cases...  and how to disable the feature if you are so inclined.
>>
>> Be careful.
>
> Does that mean that it saves, but is not allowed to USE those passwords?
>
> Or you never get the option to save at all.

Without the patch mentioned above, Firefox will never offer to save
Paypal type passwords.

With the patch, you get the offer.  Firefox will save the password and
allow you to use it.

If you are worried about someone else gaining access to your computer
and logging in to your Paypal, bank, or insurance account, don't use the
patch, or don't save passwords for those accounts.

-- 
Dan Espen

[toc] | [prev] | [next] | [standalone]

#1670

despen@verizon.net wrote:
> The Natural Philosopher <tnp@invalid.invalid> writes:
> 
>> despen@verizon.net wrote:
>>> The Natural Philosopher <tnp@invalid.invalid> writes:
>>>
>>>> S.K.R. de Jong wrote:
>>>>> On Wed, 06 Jul 2011 12:00:36 -0400, Bill Marcum wrote:
>>>>>
>>>>>> On 2011-07-05, S.K.R. de Jong <SKRdJ@nowhere.net> wrote:
>>>>>>> 	In the Security tab there is a button labeled Remember passwords
>>>>>>> for sites. This is enabled, as it has been all along. Is there anything
>>>>>>> else to check?
>>>>>>>
>>>>>> If "Remember passwords" is checked, the first time you log into a site,
>>>>>> Firefox will ask if you want to remember the password. You can choose
>>>>>> "Remember", "Not now" or "Never for this site".
>>>>> 	I am aware of that. The problem seems to be that some sites
>>>>> are coded in such a way that bypasses Firefox's mechanisms to cache
>>>>> user name and password, and there is nothing much one can do about
>>>>> it, apparently.
>>>>>
>>>> I dont think firefox stores 'secure server' logins
>>> Go here:
>>>
>>> http://www.dailygyan.com/2008/08/force-firefox-to-remember-password-of.html
>>>  or
>>> http://tinyurl.com/68yvdr
>>>
>>> This explains why Firefox does not ask to remember passwords in some
>>> cases...  and how to disable the feature if you are so inclined.
>>>
>>> Be careful.
>> Does that mean that it saves, but is not allowed to USE those passwords?
>>
>> Or you never get the option to save at all.
> 
> Without the patch mentioned above, Firefox will never offer to save
> Paypal type passwords.
> 
> With the patch, you get the offer.  Firefox will save the password and
> allow you to use it.
> 
> If you are worried about someone else gaining access to your computer
> and logging in to your Paypal, bank, or insurance account, don't use the
> patch, or don't save passwords for those accounts.
> 
Indeed. There are some that I dont mind, but others that I would prefer 
to never have stored. Ho hum. A quandary since the patch is not site 
specific.

[toc] | [prev] | [next] | [standalone]

#1671

The Natural Philosopher <tnp@invalid.invalid> writes:

> despen@verizon.net wrote:
>> The Natural Philosopher <tnp@invalid.invalid> writes:
>>
>>> despen@verizon.net wrote:
>>>> The Natural Philosopher <tnp@invalid.invalid> writes:
>>>>
>>>>> S.K.R. de Jong wrote:
>>>>>> On Wed, 06 Jul 2011 12:00:36 -0400, Bill Marcum wrote:
>>>>>>
>>>>>>> On 2011-07-05, S.K.R. de Jong <SKRdJ@nowhere.net> wrote:
>>>>>>>> 	In the Security tab there is a button labeled Remember passwords
>>>>>>>> for sites. This is enabled, as it has been all along. Is there anything
>>>>>>>> else to check?
>>>>>>>>
>>>>>>> If "Remember passwords" is checked, the first time you log into a site,
>>>>>>> Firefox will ask if you want to remember the password. You can choose
>>>>>>> "Remember", "Not now" or "Never for this site".
>>>>>> 	I am aware of that. The problem seems to be that some sites
>>>>>> are coded in such a way that bypasses Firefox's mechanisms to cache
>>>>>> user name and password, and there is nothing much one can do about
>>>>>> it, apparently.
>>>>>>
>>>>> I dont think firefox stores 'secure server' logins
>>>> Go here:
>>>>
>>>> http://www.dailygyan.com/2008/08/force-firefox-to-remember-password-of.html
>>>>  or
>>>> http://tinyurl.com/68yvdr
>>>>
>>>> This explains why Firefox does not ask to remember passwords in some
>>>> cases...  and how to disable the feature if you are so inclined.
>>>>
>>>> Be careful.
>>> Does that mean that it saves, but is not allowed to USE those passwords?
>>>
>>> Or you never get the option to save at all.
>>
>> Without the patch mentioned above, Firefox will never offer to save
>> Paypal type passwords.
>>
>> With the patch, you get the offer.  Firefox will save the password and
>> allow you to use it.
>>
>> If you are worried about someone else gaining access to your computer
>> and logging in to your Paypal, bank, or insurance account, don't use the
>> patch, or don't save passwords for those accounts.
>>
> Indeed. There are some that I dont mind, but others that I would
> prefer to never have stored. Ho hum. A quandary since the patch is not
> site specific.

No, but the decision to save the password is.

-- 
Dan Espen

[toc] | [prev] | [next] | [standalone]

#1672

despen@verizon.net wrote:
> The Natural Philosopher <tnp@invalid.invalid> writes:
> 
>> despen@verizon.net wrote:
>>> The Natural Philosopher <tnp@invalid.invalid> writes:
>>>
>>>> despen@verizon.net wrote:
>>>>> The Natural Philosopher <tnp@invalid.invalid> writes:
>>>>>
>>>>>> S.K.R. de Jong wrote:
>>>>>>> On Wed, 06 Jul 2011 12:00:36 -0400, Bill Marcum wrote:
>>>>>>>
>>>>>>>> On 2011-07-05, S.K.R. de Jong <SKRdJ@nowhere.net> wrote:
>>>>>>>>> 	In the Security tab there is a button labeled Remember passwords
>>>>>>>>> for sites. This is enabled, as it has been all along. Is there anything
>>>>>>>>> else to check?
>>>>>>>>>
>>>>>>>> If "Remember passwords" is checked, the first time you log into a site,
>>>>>>>> Firefox will ask if you want to remember the password. You can choose
>>>>>>>> "Remember", "Not now" or "Never for this site".
>>>>>>> 	I am aware of that. The problem seems to be that some sites
>>>>>>> are coded in such a way that bypasses Firefox's mechanisms to cache
>>>>>>> user name and password, and there is nothing much one can do about
>>>>>>> it, apparently.
>>>>>>>
>>>>>> I dont think firefox stores 'secure server' logins
>>>>> Go here:
>>>>>
>>>>> http://www.dailygyan.com/2008/08/force-firefox-to-remember-password-of.html
>>>>>  or
>>>>> http://tinyurl.com/68yvdr
>>>>>
>>>>> This explains why Firefox does not ask to remember passwords in some
>>>>> cases...  and how to disable the feature if you are so inclined.
>>>>>
>>>>> Be careful.
>>>> Does that mean that it saves, but is not allowed to USE those passwords?
>>>>
>>>> Or you never get the option to save at all.
>>> Without the patch mentioned above, Firefox will never offer to save
>>> Paypal type passwords.
>>>
>>> With the patch, you get the offer.  Firefox will save the password and
>>> allow you to use it.
>>>
>>> If you are worried about someone else gaining access to your computer
>>> and logging in to your Paypal, bank, or insurance account, don't use the
>>> patch, or don't save passwords for those accounts.
>>>
>> Indeed. There are some that I dont mind, but others that I would
>> prefer to never have stored. Ho hum. A quandary since the patch is not
>> site specific.
> 
> No, but the decision to save the password is.
> 
I am a great believer in my personal Jekyll and Hyde mentality.

Which is why I don't have a null root password.
Too tempting in the heat of the moment..

[toc] | [prev] | [next] | [standalone]

#1637

On 06/07/2011 18:14, S.K.R. de Jong wrote:
> On Wed, 06 Jul 2011 12:00:36 -0400, Bill Marcum wrote:
> 
>> On 2011-07-05, S.K.R. de Jong <SKRdJ@nowhere.net> wrote:
>>>
>>> 	In the Security tab there is a button labeled Remember passwords
>>> for sites. This is enabled, as it has been all along. Is there anything
>>> else to check?
>>>
>> If "Remember passwords" is checked, the first time you log into a site,
>> Firefox will ask if you want to remember the password. You can choose
>> "Remember", "Not now" or "Never for this site".
> 
> 	I am aware of that. The problem seems to be that some sites are 
> coded in such a way that bypasses Firefox's mechanisms to cache user name 
> and password, and there is nothing much one can do about it, apparently.
> 

There is now a Linux version of Roboform as an extension for Firefox
that is under development and at the moment is free. That will do the
job nicely. I dare say as all it's features are enabled they'll start
charging.
-- 
http://www.galen.org.uk


Alcohol and Calculus don't mix. Never drink and derive.

[toc] | [prev] | [next] | [standalone]

#1641

On Wed, 06 Jul 2011 19:07:26 +0100, Bob Henson wrote:

> On 06/07/2011 18:14, S.K.R. de Jong wrote:
>> On Wed, 06 Jul 2011 12:00:36 -0400, Bill Marcum wrote:
>> 
>>> On 2011-07-05, S.K.R. de Jong <SKRdJ@nowhere.net> wrote:
>>>>
>>>> 	In the Security tab there is a button labeled Remember passwords
>>>> for sites. This is enabled, as it has been all along. Is there
>>>> anything else to check?
>>>>
>>> If "Remember passwords" is checked, the first time you log into a
>>> site, Firefox will ask if you want to remember the password. You can
>>> choose "Remember", "Not now" or "Never for this site".
>> 
>> 	I am aware of that. The problem seems to be that some sites are
>> coded in such a way that bypasses Firefox's mechanisms to cache user
>> name and password, and there is nothing much one can do about it,
>> apparently.
>> 
>> 
> There is now a Linux version of Roboform as an extension for Firefox
> that is under development and at the moment is free. That will do the
> job nicely. I dare say as all it's features are enabled they'll start
> charging.

	Thanks for your suggestion. However, Roboform is not an option: I 
won't keep my passwords on a remote server controlled by somebody who 
may, or may not, have access to them in the clear.

[toc] | [prev] | [next] | [standalone]

#1653

On 07/07/2011 02:19, S.K.R. de Jong wrote:
> On Wed, 06 Jul 2011 19:07:26 +0100, Bob Henson wrote:
> 
>> On 06/07/2011 18:14, S.K.R. de Jong wrote:
>>> On Wed, 06 Jul 2011 12:00:36 -0400, Bill Marcum wrote:
>>>
>>>> On 2011-07-05, S.K.R. de Jong <SKRdJ@nowhere.net> wrote:
>>>>>
>>>>> 	In the Security tab there is a button labeled Remember passwords
>>>>> for sites. This is enabled, as it has been all along. Is there
>>>>> anything else to check?
>>>>>
>>>> If "Remember passwords" is checked, the first time you log into a
>>>> site, Firefox will ask if you want to remember the password. You can
>>>> choose "Remember", "Not now" or "Never for this site".
>>>
>>> 	I am aware of that. The problem seems to be that some sites are
>>> coded in such a way that bypasses Firefox's mechanisms to cache user
>>> name and password, and there is nothing much one can do about it,
>>> apparently.
>>>
>>>
>> There is now a Linux version of Roboform as an extension for Firefox
>> that is under development and at the moment is free. That will do the
>> job nicely. I dare say as all it's features are enabled they'll start
>> charging.
> 
> 	Thanks for your suggestion. However, Roboform is not an option: I 
> won't keep my passwords on a remote server controlled by somebody who 
> may, or may not, have access to them in the clear.
> 

Neither will I, it's the very last thing I'd do. You don't have to use
Roboform's own remote servers at all, if you don't want to.

-- 
http://www.galen.org.uk


There are 10 types of people in the world: those who understand binary,
and those who don't.

[toc] | [prev] | [standalone]

Back to top | Article view | comp.os.linux.misc

csiph-web