On Thu, 21 Oct 2010 19:23:10 +0300, Rimas Kudelis wrote:
> Hi, > > 2010.10.21 18:55, pete rašė: >> I agree with Cor, the main reason i use Roundcube is the active maintained >> codebase and a healthy attitude towards privacy and security. For my 2 >> cents, security should have to be the deafult and users can opt out. If you >> develop unsafe defaults, many will use as-is. > > Yeah, except they can't even opt in right now, without using third-party > code. > > Don't get me wrong: I do like sane security measures, but not always the > goal justifies the measures. In this case, I see this absolute inability > to save password as an annoyance. Agreed. It would be nice to at least let autocomplete save the username, and let the user decide whether to save the password or not using the browser's features (Not Now, Never, etc.). > Then also, consider the fact that the same user is quite likely to use > the same password elsewhere (e.g. facebook, which coincidently uses > email address as the user name), which in my eyes makes this security > measure even weaker. And you can't expect the user to use different > passwords everywhere until this becomes convenient enough (as in type > once, save for later, synchronize between desktops). > > Rimas > _______________________________________________ > List info: http://lists.roundcube.net/dev/ [1] > BT/b28e7101 Links: ------ [1] http://lists.roundcube.net/dev/
_______________________________________________ List info: http://lists.roundcube.net/dev/ BT/8f4f07cd
