>Well, for one thing, an admin user should not leave their machine
unprotected (password protected screensaver after 1 min etc...
Agreed in theory, but that's out of our control. In an ideal world all users
would comply with the security policy :)
>but obviously with sensitive admin passwords etc, that's when you choose
not to save the password, when IE asks you...
It only takes a quick click and you've stored the password...again it's out
of our control and up to user doing the right thing. The only thing we can
control is autocomplete="no".
-----Original Message-----
From: Daniel Lancelot [mailto:[EMAIL PROTECTED]]
Sent: 07 July 2000 10:14
To: [EMAIL PROTECTED]
Subject: RE: <cf_secure>(IE5 password autofillin)
Well, for one thing, an admin user should not leave their machine
unprotected (password protected screensaver after 1 min etc...
- for instance, on most windows/exchange email systems, no password needs to
be entered to use email, after the user has logged in, and so windows needs
protecting iin any cae...
but obviously with sensitive admin passwords etc, thats when you choose not
to save the password, when IE asks you...
>From a development pint of view, Hotmail gets round this problem by making
each login page have a unique url (I think with the query string)...
------------------------------------------------------------------------------
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/fusebox or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
