[rt-users] Login password save

Jerrad Pierce jpierce at cambridgeenergyalliance.org
Thu Sep 24 15:36:41 EDT 2009


On Thu, Sep 24, 2009 at 15:34, Tom Lahti <toml at bitstatement.net> wrote:
>>> Has anyone ever come across an extension or made a login password saver
>>> using cookies? I'm just wondering I had a few users ask about saving
>>> their login password.
>
>> Evil bad awful idea.
>
> ... because anyone with physical access to their computer can create RT
> transactions as the user with the saved password without having to know the
> password.
I was thinking more that it generally ends up storing the password in the clear,
and is constantly sending that information back to the server.

Besides, browsers have built-in facilities for remembering passwords
if that's your bag;
and in FF they can all be encrypted with a single master password.

-- 
Cambridge Energy Alliance: Save money. Save the planet.



More information about the rt-users mailing list