I was browsing the Firefox settings for optimizing performance and came across the "Security tab in Firefox Preferences". I was amazed to see a button called Show_Passwords.
.
I decided to probe further and clicked on it, viola it showed the list of websites with my user name on it. What more it even had a button which said "Show Passwords".
Clicking on it brought a dialog box which confirmed if I really wanted my passwords to be displayed.
Clicking yes revealed all my usernames along with respective passwords.
Now this can be handy for a home computer where if I forget my password, I can easily get it back. At the same time this poses a huge risk in Office environment, where many a times we go to get a steaming cup of coffee without locking our desktop. I know leaving the desktop unlocked is a foolish thing to do, but its a fact that many a times we do forget. In those circumstances, a colleague might easily get our personal passwords. Imagine someone getting your mail password, without your knowledge and silently read through your mails/chats.
Having discovered this, I immediately looked for similar "feature" in Konqueror- I found none. I know of a few hacks in Windows which help reveal the IE stored passwords, but the password-self-revealing feature of Firefox takes the cake when it comes to security loophole.
. I decided to probe further and clicked on it, viola it showed the list of websites with my user name on it. What more it even had a button which said "Show Passwords".
Clicking on it brought a dialog box which confirmed if I really wanted my passwords to be displayed.
Clicking yes revealed all my usernames along with respective passwords.
Now this can be handy for a home computer where if I forget my password, I can easily get it back. At the same time this poses a huge risk in Office environment, where many a times we go to get a steaming cup of coffee without locking our desktop. I know leaving the desktop unlocked is a foolish thing to do, but its a fact that many a times we do forget. In those circumstances, a colleague might easily get our personal passwords. Imagine someone getting your mail password, without your knowledge and silently read through your mails/chats.
Having discovered this, I immediately looked for similar "feature" in Konqueror- I found none. I know of a few hacks in Windows which help reveal the IE stored passwords, but the password-self-revealing feature of Firefox takes the cake when it comes to security loophole.
Powered by ScribeFire.
1 comments:
hey, thanks so much for the awareness. good i got to find out on time, i can be more careful with my system security. How do i retrieve my IE passwords, need to know that before someone hits me. my add is uadikema@yahoo.com. thanks
Post a Comment