Thomas Delrue on 28 Aug 2015 07:05:18 -0700


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Securing Web Site for External Traffic


On 08/28/2015 09:26 AM, Louis K wrote:
>> even if you put a username/password on it, you'll either never 
>> enter it
>>> on your phone because it's too long and hard (it's a secure and
>>>  long password, right?) or you will have something that says
>>> 'use cookie to
> This actually isn't an issue: *my phone's browser remembers the
> http passwords for a while without cookies*. I was surprised by
> this feature but use it regularly and find it very convenient.

Sorry for going tangential here but this (emphasis mine) caught my eye...
Please define "a while"... "Until the end of time" is 'a while' too...
and that tends to be how browsers implement 'save password'.

Save passwords is actually even worse than cookies. Cookies (should)
expire, if you have saved your password, I can now retrieve it and use
it in other places...

Sorry for the diversion, I'll go back to my corner of the room now...

Attachment: signature.asc
Description: OpenPGP digital signature

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug