Bug 339211 - Stored passwords easily discoverable
Status: RESOLVED NOTABUG
Product: epiphany
Classification: Core
Component: Downloads
Version: git master
Hardware: Other Linux
Importance: Normal major
Target Milestone: ---
Assigned To: Epiphany Maintainers
QA Contact: Epiphany Maintainers
Depends on: 130336
Blocks:
 
 
Reported: 2006-04-20 18:28 UTC by Wouter Bolsterlee (uws)
Modified: 2009-03-02 22:30 UTC
See Also:
GNOME target: ---
GNOME version: ---



Description Wouter Bolsterlee (uws) 2006-04-20 18:28:37 UTC
The personal information dialog has a checkbox to toggle the display of password data. This feature is not secured in any way. If I let someone use my computer ("Hey, can I check my e-mail? Sure!") they can view all my passwords with 3 mouse clicks. Pretty bad, imho.
Comment 1 Reinout van Schouwen 2006-04-21 13:24:07 UTC
Well, either you trust people to use your account, or you don't. If you don't trust them, it would be better to make a guest account or not use the password saving feature. Viewing saved passwords on webforms can be done using a simple line of JavaScript anyway.
Comment 2 Diego Escalante Urrelo (not reading bugmail) 2006-08-17 03:01:22 UTC
I agree with Reinout: if you leave someone at your desktop, you'd better trust him/her, or if you don't trust this person, create a guest account.
Comment 3 Darin 2007-05-06 23:06:56 UTC
You guys can't be serious! This is basic security stuff! It's unrealistic to suggest that each time a person visits your house you should go over to your computer, log off, and onto a guest account. Not to mention many families don't even bother with accounts, and use a single family account. Add to that the many users who also use auto-login.

There is a major difference between going out of one's way to break security via JavaScript or any other means, and simply clicking a check mark button that is barely a click away that says "Show me all the passwords!"

Can anyone really honestly say they would trust anyone to sit at their computer when there is a simple option to allow them to see your passwords, some of which could be banking passwords, etc.?

It's the most basic of security. It's really foolhardy to say because someone can do it, anyone should be able to - and because of that, it shouldn't even be bothered with. To be outright insecure for any reason is bogus.

At the very least this option should only appear in either Gnome Conf Editor, or about:config. But not right under the Personal Data menu. Even security through obscurity is better than no security at all.

Ideally, though, it would not even be in those spots, or in any way easily accessible. It would be nice to allow the user to set a Master Password for managing personal data.

- Darin
Comment 4 Reinout van Schouwen 2007-05-06 23:54:12 UTC
@Darin: The password saving feature isn't intended to be secure at all, but it's intended as a convenience to the user. Using gnome-keyring or seahorse to manage personal data is a good idea, but that's filed as bug 130336.

Having said that, bugzilla isn't the place for discussion - if you feel the need to, please take it to the mailing list. Thanks!
Comment 5 Christian Persch 2007-05-07 09:38:28 UTC
Firefox stores passwords without a master password by default, too.

You can disable password saving in about:config: set signon.rememberSignons to false.
Comment 6 Reinout van Schouwen 2009-03-02 22:30:19 UTC
Bug 130336 is fixed with WebKitGTK; as for the rest of this bug, I'm closing it as NOTABUG.