Re: Making Passwords Show Letters ?
Frosted Flake wrote on 04/28/2015 6:30 PM: my solution to this is a txt file where i store all of my passwords... My solution is to take screenshots of the password manager :-) ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
On 30/04/15 19:03, Richard Falken wrote: Crypto hashes are really powerful and are the standard way of storing passwords in many systems. You might now that a password hash is $5$sdsd7f89sd7fsda89f7$9AO/NHJbfjwllqiFOOeq63ICdSDwaejGNa36IL6d4pC. You might not use this information to find what the password that generates this hash is. The reason is that cryptographic checksums work only one way. You can take an input and turn it into a hash, but there is no practical way to take a hash and find what the input is out. When I later enter my password, the system *must* do something to that input to compare it to the saved data. So the system *must* know what that something was, so the process is repeatable. -- Daniel User agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:35.0) Gecko/20100101 SeaMonkey/2.32 Build identifier: 20141218225909 or User agent: Mozilla/5.0 (X11; Linux x86_64; rv:36.0) Gecko/20100101 SeaMonkey/2.33 Build identifier: 20150215202114 ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
Daniel wrote: On 30/04/15 19:03, Richard Falken wrote: Crypto hashes are really powerful and are the standard way of storing passwords in many systems. You might now that a password hash is $5$sdsd7f89sd7fsda89f7$9AO/NHJbfjwllqiFOOeq63ICdSDwaejGNa36IL6d4pC. You might not use this information to find what the password that generates this hash is. The reason is that cryptographic checksums work only one way. You can take an input and turn it into a hash, but there is no practical way to take a hash and find what the input is out. When I later enter my password, the system *must* do something to that input to compare it to the saved data. So the system *must* know what that something was, so the process is repeatable. When you set the password, it is hashed and the hash is stored. The hash algorithm is repeatable, but not easily reversible, so it is impractical to work out what the password was from the hash. When checking if an entered password is correct, the same hash algorithm is applied to the entered password. The hash of the entered password is compared to the hash of the originally set password, and if they're the same the password is considered correct. It is not necessary to recover the original password from the hash, but as you say it is necessary to be able to repeat the process. It is possible that more than one password can result in the same hash, but a good, secure hashing algorithm minimises the chances of such a collision being found any more easily than the original password. That's more related to storing passwords for authentication though, e.g. it's how your operating system might store your password to check when you log in, or how your mail provider might store your password for logging in to their services. In the context of encrypted files (which I think is how this discussion started), the password doesn't need to be stored anywhere, not even in hashed form. In that case, the password is used to generate an encryption key, which is used to encrypt the file. To decrypt the file, the user is prompted for a password and that password is used to generate the key for decrypting the file. If the password was correct, the file is successfully decrypted, otherwise the result of decrypting the file is nonsense. In the case of SeaMonkey's password database, for example, if the wrong password is entered the password manager won't be able to make sense of the decrypted file so prompts for the password again. Mark. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
Lee wrote: So something like public key encryption is infeasible to crack because cracking it requires factoring large numbers. I suspect password hashes are in the middle ground.. Somebody like the NSA probably has a rainbow table for every popular password hashing scheme, so if they're interested they've already broken $5$sdsd7f89sd7fsda89f7$9AO/NHJbfjwllqiFOOeq63ICdSDwaejGNa36IL6d4pC (assuming it _is_ a valid password hash :) That's where salts, which I think were mentioned earlier in this thread, come in. For each user, a few extra characters (known as the salt) are generated and stored. On setting the password, the salt is added to the password, then that combination is hashed and the hash stored. On checking a password entered for authentication, the salt is looked up and added to the entered password, then that combination is hashed and compared against the original hash. If the password matches, and the same salt is used, the hashes will match. A pre-generated rainbow table is useless, since it didn't append the correct salt to each password before hashing it. Even if the salt values are discovered, a separate table has to be generated for each user, since the salts will be different. So it's no easier than brute force anyway. But against someone doing a brute-force or dictionary attack that hash might be safe.. Regards, Lee Mark. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
On 5/1/15, Daniel dan...@albury.net.spam.au wrote: On 30/04/15 19:03, Richard Falken wrote: Crypto hashes are really powerful and are the standard way of storing passwords in many systems. You might now that a password hash is $5$sdsd7f89sd7fsda89f7$9AO/NHJbfjwllqiFOOeq63ICdSDwaejGNa36IL6d4pC. You might not use this information to find what the password that generates this hash is. The reason is that cryptographic checksums work only one way. You can take an input and turn it into a hash, but there is no practical way to take a hash and find what the input is out. When I later enter my password, the system *must* do something to that input to compare it to the saved data. So the system *must* know what that something was, so the process is repeatable. Correct. But just because a process is repeatable doesn't mean that cracking it is practical. So something like public key encryption is infeasible to crack because cracking it requires factoring large numbers. I suspect password hashes are in the middle ground.. Somebody like the NSA probably has a rainbow table for every popular password hashing scheme, so if they're interested they've already broken $5$sdsd7f89sd7fsda89f7$9AO/NHJbfjwllqiFOOeq63ICdSDwaejGNa36IL6d4pC (assuming it _is_ a valid password hash :) But against someone doing a brute-force or dictionary attack that hash might be safe.. Regards, Lee ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
On 01/05/15 21:31, Lee wrote: Hmm, Lee is contributing via the lists, but when I try to reply to his post, all that shows is the Lee wrote: line and my sig file gets added. As I seem to be just going round and round, so good time time to end it, I guess. -- Daniel User agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:35.0) Gecko/20100101 SeaMonkey/2.32 Build identifier: 20141218225909 or User agent: Mozilla/5.0 (X11; Linux x86_64; rv:36.0) Gecko/20100101 SeaMonkey/2.33 Build identifier: 20150215202114 ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
Rainer Bielefeld wrote: JAS schrieb: https://addons.mozilla.org/en-US/firefox/addon/show-password/ through the http://addonconverter.fotokraina.com/ and it works fine. You can toggle it on and off. Works fine for me. Hi, can you please tell your Operating System, SeaMonkey version and Localization, so that I can add oyur result to https://wiki.mozilla.org/SeaMonkey/AddonCompat? According to his mail header: User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:35.0) Gecko/20100101 Firefox/35.0 SeaMonkey/2.32.1 So all you need is his localization. -- War doesn't determine who's right, just who's left. -- Paul B. Gallagher ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
On 30/04/15 16:19, Daniel wrote: On 30/04/15 01:39, »Q« wrote: In news:9o6dndbukysmad3inz2dnuu7-r-dn...@mozilla.org, Daniel dan...@albury.net.spam.au wrote: David, if the Master Password is not saved, how are the passwords decrypted so they can be used?? A hash is stored, and when you enter the password, its hash must match the stored hash. That's an oversimplificatoin, The wikipedia has more about password hashing at http://en.wikipedia.org/wiki/Cryptographic_hash_function#Password_verification, and you could scroll up to the top to get stuff about hashing in general. Note that in the jargon of cryptography, message means the hash function's input, in this case the master password. Haven't read the link yet, but If we assume a four digit, numeric only, password of 3072 (Decimal), I could hash, (i.e. subtract from) that with (Decimal) to produce 6927 (Decimal). So, having encrypted my 3072, I must store the Hash, 6927, somewhere on my computer, so that, when someone enters a password, it's Hash can be compared to the stored Hash. This mustn't be how it works, as it seems to simply!! Guess I'll have to read the link! Nope, it does seem to be that simple, although the article does introduce a SALT into the situation as well!! -- Daniel User agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:35.0) Gecko/20100101 SeaMonkey/2.32 Build identifier: 20141218225909 or User agent: Mozilla/5.0 (X11; Linux x86_64; rv:36.0) Gecko/20100101 SeaMonkey/2.33 Build identifier: 20150215202114 ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
JAS schrieb: https://addons.mozilla.org/en-US/firefox/addon/show-password/ through the http://addonconverter.fotokraina.com/ and it works fine. You can toggle it on and off. Works fine for me. Hi, can you please tell your Operating System, SeaMonkey version and Localization, so that I can add oyur result to https://wiki.mozilla.org/SeaMonkey/AddonCompat? Best regards Rainer Bielefeld ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
Crypto hashes are really powerful and are the standard way of storing passwords in many systems. You might now that a password hash is $5$sdsd7f89sd7fsda89f7$9AO/NHJbfjwllqiFOOeq63ICdSDwaejGNa36IL6d4pC. You might not use this information to find what the password that generates this hash is. The reason is that cryptographic checksums work only one way. You can take an input and turn it into a hash, but there is no practical way to take a hash and find what the input is out. Daniel wrote: Haven't read the link yet, but If we assume a four digit, numeric only, password of 3072 (Decimal), I could hash, (i.e. subtract from) that with (Decimal) to produce 6927 (Decimal). So, having encrypted my 3072, I must store the Hash, 6927, somewhere on my computer, so that, when someone enters a password, it's Hash can be compared to the stored Hash. This mustn't be how it works, as it seems to simply!! Guess I'll have to read the link! ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
On 2015-04-30 10:39, Rainer Bielefeld wrote: JAS schrieb: https://addons.mozilla.org/en-US/firefox/addon/show-password/ through the http://addonconverter.fotokraina.com/ and it works fine. You can toggle it on and off. Works fine for me. Hi, can you please tell your Operating System, SeaMonkey version and Localization, so that I can add oyur result to https://wiki.mozilla.org/SeaMonkey/AddonCompat? I don't think the operating system is so important because in 99% of cases extensions will work on all systems - unless they contain binary components (which can be quickly seen by glancing at the xpi contents) or are otherwise targeted at specific systems. Of course, testing on all systems is necessary for 100% certainty. Do you gather compatibility info for all systems? BTW, isn't that a mistake on the wiki page: 2013-04-15 Results for SeaMonkey 2.33 and later, with detailed comments for SeaMonkey Add-on converter In 2013 there was no SeaMonkey 2.33, they year appears to be slightly off :) ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ? - Add-on Show Password 1.7 will do the job
Lemon Juice schrieb: I don't think the operating system Hi, and the SM converted add-on works much better than the original for FF 37. General FF problem or FF37 related? https://addons.mozilla.org/de/firefox/addon/show-password/reviews/ (my comment currently is in review) BTW, isn't that a mistake on the wiki page Yes, thank you for your attetion, I corrected that. BTW, it's a Wiki Did you already think about changing add-on version or whatever else in Converter? For use ratings and expecially after a fix for [Bug 1149016] New: Add-on Compatibility Reporter 2.0.5 does not work with SeaMonkey https://bugzilla.mozilla.org/show_bug.cgi?id=1149016 it will be important to know whether it's the normal add-on version or a converted one. For my private work I add a tailing .SM to the add-on version in install.rdf for converted add-ons, what will be visible in add-on-manager. Best Regards Rainer Bielefels ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
Rainer Bielefeld wrote: JAS schrieb: https://addons.mozilla.org/en-US/firefox/addon/show-password/ through the http://addonconverter.fotokraina.com/ and it works fine. You can toggle it on and off. Works fine for me. Hi, can you please tell your Operating System, SeaMonkey version and Localization, so that I can add oyur result to https://wiki.mozilla.org/SeaMonkey/AddonCompat? Best regards Rainer Bielefeld Is this what you need: Mozilla/5.0 (Windows NT 5.1; rv:35.0) Gecko/20100101 Firefox/35.0 SeaMonkey/2.32.1 - Build ID: 20150204202218 Nebraska USA JAS -- You either teach people to treat you with dignity and respect, or you don't. This means you are partly responsible for the mistreatment that you get at the hands of someone else. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
Philip Chee schrieb: The more people doing this, the easier it is for Rainer. Hi all, yes, some help would be great. To be honest, keeping such lists up to date is the most boring job of all ones I can imagine how to contribute to SeaMonkey ;-) So I do not want to invest too much time there. @JAS: info is in a comment, only visible in Edit Mode! CU Rainer ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
On 30/04/2015 16:39, Rainer Bielefeld wrote: JAS schrieb: https://addons.mozilla.org/en-US/firefox/addon/show-password/ through the http://addonconverter.fotokraina.com/ and it works fine. You can toggle it on and off. Works fine for me. Hi, can you please tell your Operating System, SeaMonkey version and Localization, so that I can add oyur result to https://wiki.mozilla.org/SeaMonkey/AddonCompat? Or JAS could create an account (anyone reading this can - it's free) and help keep https://wiki.mozilla.org/SeaMonkey/AddonCompat up to date. The more people doing this, the easier it is for Rainer. Phil -- Philip Chee phi...@aleytys.pc.my, philip.c...@gmail.com http://flashblock.mozdev.org/ http://xsidebar.mozdev.org Guard us from the she-wolf and the wolf, and guard us from the thief, oh Night, and so be good for us to pass. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ? - Add-on Show Password 1.7 will do the job
On 30/04/2015 19:22, Rainer Bielefeld wrote: and the SM converted add-on works much better than the original for FF 37. General FF problem or FF37 related? https://addons.mozilla.org/de/firefox/addon/show-password/reviews/ (my comment currently is in review) The add-on hasn't been updated since September 24, 2012. Possibly changes due to Australis in Firefox and/or the disappearance of the status bar have broken Show Password. By the way addons.mozilla.org has been known to delete old, broken, obsolete add-ons on occasion so it might be worthwhile to back these up somewhere. Phil -- Philip Chee phi...@aleytys.pc.my, philip.c...@gmail.com http://flashblock.mozdev.org/ http://xsidebar.mozdev.org Guard us from the she-wolf and the wolf, and guard us from the thief, oh Night, and so be good for us to pass. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ? - Add-on Show Password 1.7 will do the job
On 2015-04-30 13:22, Rainer Bielefeld wrote: Did you already think about changing add-on version or whatever else in Converter? For use ratings and expecially after a fix for [Bug 1149016] New: Add-on Compatibility Reporter 2.0.5 does not work with SeaMonkey https://bugzilla.mozilla.org/show_bug.cgi?id=1149016 it will be important to know whether it's the normal add-on version or a converted one. For my private work I add a tailing .SM to the add-on version in install.rdf for converted add-ons, what will be visible in add-on-manager. The idea on mozillazine was for the converter to append something to the extension name to make it recognizable. I'll try to get to it soon. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ? - Add-on Show Password 1.7 will do the job
On 2015-04-30 16:38, Philip Chee wrote: On 30/04/2015 19:22, Rainer Bielefeld wrote: By the way addons.mozilla.org has been known to delete old, broken, obsolete add-ons on occasion so it might be worthwhile to back these up somewhere. I think Rainer's repository at sourceforge is a perfect place for that :) ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
On 30/04/15 01:39, »Q« wrote: In news:9o6dndbukysmad3inz2dnuu7-r-dn...@mozilla.org, Daniel dan...@albury.net.spam.au wrote: David, if the Master Password is not saved, how are the passwords decrypted so they can be used?? A hash is stored, and when you enter the password, its hash must match the stored hash. That's an oversimplificatoin, The wikipedia has more about password hashing at http://en.wikipedia.org/wiki/Cryptographic_hash_function#Password_verification, and you could scroll up to the top to get stuff about hashing in general. Note that in the jargon of cryptography, message means the hash function's input, in this case the master password. Haven't read the link yet, but If we assume a four digit, numeric only, password of 3072 (Decimal), I could hash, (i.e. subtract from) that with (Decimal) to produce 6927 (Decimal). So, having encrypted my 3072, I must store the Hash, 6927, somewhere on my computer, so that, when someone enters a password, it's Hash can be compared to the stored Hash. This mustn't be how it works, as it seems to simply!! Guess I'll have to read the link! -- Daniel User agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:35.0) Gecko/20100101 SeaMonkey/2.32 Build identifier: 20141218225909 or User agent: Mozilla/5.0 (X11; Linux x86_64; rv:36.0) Gecko/20100101 SeaMonkey/2.33 Build identifier: 20150215202114 ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
NFN Smith wrote on 04/28/2015 03:37 PM: sean wrote: the problem i've had with addons and extensions for password keeping, is updates to my install of seamonkey often breaks them. I can't wait for updates to the addons... hence my reliance on a txt file stored locally... For this kind of thing, tools like KeePass, LastPass, Password Safe, etc., are external utilities, and not tied to Seamonkey. Thus, unlike extensions, updates to the browser shouldn't affect your ability to use the tool. In fact, if you make use of multiple browsers, an external password-keeping tool can be used with any browser. Although mechanics vary, a password-keeping tool will allow you to open a specified URL in whatever browser you choose, then enter the ID and password, with about 3 or four mouse clicks, and without having to resort to cut-and-paste. Personally, I think it's dangerous to keep passwords in an unencrypted form (even a Mozilla application without Master Password defined). If your computer is lost or stolen, then whoever can establish access to the hard drive has your entire password collection. In a similar way, I believe that there are strains of malware that will do indexing of your computer, that may be able to extract credentials from unencrypted files. I'm not sure of what's possible with a simple text document or spreadsheet, but if you allow storage of passwords in Seamonkey without encryption with a master password, then the location is pretty easy to find, and the format is known. There are tools out there that can extract that information. The Nirsoft collection is one of them, and I'm sure that there are others, as well. And it's reasonable to assume that there's malware that has copied the techniques. Smith seeing as i'm using a minor linux os, i've never much worried about malware and my laptop never leaves home... and is too old to be of interest to thieves... i did download keepass since it purports to be linux compatible will take a look see soon... thanks... but this is good advice for OP if he's on windows... I understand the trials and tribulations of 79 somethings with failing eyesite and fingers that many times seem to be no longer under their personal control... spent most of yesterday triaging my 74 year old mother's machine... i swear she deliberately breaks it to get me to visit... but i moved 2500 miles away to remove that option from her... :~( ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
On 29/04/15 06:55, David E. Ross wrote: On 4/28/2015 11:52 AM, William wrote: Bill Spikowski wrote: Rick Merrill wrote: Bill Spikowski wrote on 04/27/2015 8:46 AM: No practical reason What about seeing what one is typing when entering complex passwords? Think especially about these situations: a lousy keyboard, like most laptops; working in a dark area; using a touchscreen; people with dyslexia, or poor typing skills; the visually impaired; or those having several hundred passwords for different sites. Oh, come: how about the wireless kbd that transmits the keycodes? Is your office a TEMPEST design? No idea what a TEMPEST office is. Would never use a wireless keyboard. I use LastPass myself, but I don't tell other people that my password solution is the only valid one. Lots of people don't understand password managers, or don't trust them; or are the only users of their computers, and don't need the extra complexity. I've been using Lastpass since someone pointed out that SeaMonkey's password manager does not encrypt your passwords; good for looking a forgotten one up, but not good for security. Before that I kept my passwords in a blank field in the bookmark for the site, but typed backward as my gesture to security. I think lastpass keeps your passwords on your pc, but in an encrypted form: when you need a password, their program undecrypts it, but displays it as a series of asterisks. The problem I have is that some enterprises that put out multiple programs (such as Intuit with Quicken and Turbotax) have moved to having a single password for all their programs and when you register for a second program (or often, it seems, a new page in the program) Lastpass does not recognize the relationship between the multiple programs, and cutting and pasting a bunch of asterisks doesn't work. This user unfriendly scheme takes up a lot of my time going to all the pages and entering a new password. The obvious solution is to allow the user to see the password in unencrypted form (you do need a password to get into Lastpass) but apparently they don't recognize this as a problem. SeaMonkey does indeed encrypt its saved passwords. The Password Manager uses your master password as its encryption key, but the master password itself is NOT saved. David, if the Master Password is not saved, how are the passwords decrypted so they can be used?? -- Daniel User agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:35.0) Gecko/20100101 SeaMonkey/2.32 Build identifier: 20141218225909 or User agent: Mozilla/5.0 (X11; Linux x86_64; rv:36.0) Gecko/20100101 SeaMonkey/2.33 Build identifier: 20150215202114 ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
Original Message ([[)b(]])Subject: ([[)/b(]])Making Passwords Show Letters ? ([[)b(]])From: ([[)/b(]])DoctorBill ab...@example.com ([[)b(]])To: ([[)/b(]]) ([[)b(]])Date: ([[)/b(]])25/04/15 23:24 Most all Username / Password entry boxes only show the Asterisk (*) when one enters the password. Is there something in SeaMonkey that one can toggle so that one sees what one is actually entering ? I tuype so prly thet I meed tyu sea what I hab enterd. DoktoeVill May be the addon Show/hide Passwords solves your issue, this add-on adds a bottom near the password field in web pages to show or hide the password. It is a firefox add-on, so, you need to modify the install.rdf file adding a SM section manually or using the add-on converter http://addonconverter.fotokraina.com/ ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
In news:9o6dndbukysmad3inz2dnuu7-r-dn...@mozilla.org, Daniel dan...@albury.net.spam.au wrote: David, if the Master Password is not saved, how are the passwords decrypted so they can be used?? A hash is stored, and when you enter the password, its hash must match the stored hash. That's an oversimplificatoin, The wikipedia has more about password hashing at http://en.wikipedia.org/wiki/Cryptographic_hash_function#Password_verification, and you could scroll up to the top to get stuff about hashing in general. Note that in the jargon of cryptography, message means the hash function's input, in this case the master password. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
sean wrote: the problem i've had with addons and extensions for password keeping, is updates to my install of seamonkey often breaks them. I can't wait for updates to the addons... hence my reliance on a txt file stored locally... For this kind of thing, tools like KeePass, LastPass, Password Safe, etc., are external utilities, and not tied to Seamonkey. Thus, unlike extensions, updates to the browser shouldn't affect your ability to use the tool. In fact, if you make use of multiple browsers, an external password-keeping tool can be used with any browser. Although mechanics vary, a password-keeping tool will allow you to open a specified URL in whatever browser you choose, then enter the ID and password, with about 3 or four mouse clicks, and without having to resort to cut-and-paste. Personally, I think it's dangerous to keep passwords in an unencrypted form (even a Mozilla application without Master Password defined). If your computer is lost or stolen, then whoever can establish access to the hard drive has your entire password collection. In a similar way, I believe that there are strains of malware that will do indexing of your computer, that may be able to extract credentials from unencrypted files. I'm not sure of what's possible with a simple text document or spreadsheet, but if you allow storage of passwords in Seamonkey without encryption with a master password, then the location is pretty easy to find, and the format is known. There are tools out there that can extract that information. The Nirsoft collection is one of them, and I'm sure that there are others, as well. And it's reasonable to assume that there's malware that has copied the techniques. Smith ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
Danny Kile wrote: sean wrote: DoctorBill wrote on 04/25/2015 02:24 PM: Most all Username / Password entry boxes only show the Asterisk (*) when one enters the password. Is there something in SeaMonkey that one can toggle so that one sees what one is actually entering ? I tuype so prly thet I meed tyu sea what I hab enterd. DoktoeVill my solution to this is a txt file where i store all of my passwords... it has a random name that is not passwords in any language over the years my passwords have become complex and can't be easily remembered, so I open that file and copy and paste from the txt file to the password box as needed... sean You may want to take a look at Keepass2. You can store all you passwords in one place and then you only need one password to open Keepass. You would not need to copy and pass, Keepass will send it for you. You can even open the website from within Keepass2. I currently have 123 passwords save in Keepass. I use RoboForm. Does everything mentioned above and is easy to use. -- The Frosted Flake + SPAM is for eating + ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
David E. Ross wrote on 4/28/2015 4:55 PM: On 4/28/2015 11:52 AM, William wrote: Bill Spikowski wrote: Rick Merrill wrote: Bill Spikowski wrote on 04/27/2015 8:46 AM: No practical reason What about seeing what one is typing when entering complex passwords? Think especially about these situations: a lousy keyboard, like most laptops; working in a dark area; using a touchscreen; people with dyslexia, or poor typing skills; the visually impaired; or those having several hundred passwords for different sites. Oh, come: how about the wireless kbd that transmits the keycodes? Is your office a TEMPEST design? No idea what a TEMPEST office is. Would never use a wireless keyboard. I use LastPass myself, but I don't tell other people that my password solution is the only valid one. Lots of people don't understand password managers, or don't trust them; or are the only users of their computers, and don't need the extra complexity. I've been using Lastpass since someone pointed out that SeaMonkey's password manager does not encrypt your passwords; good for looking a forgotten one up, but not good for security. Before that I kept my passwords in a blank field in the bookmark for the site, but typed backward as my gesture to security. I think lastpass keeps your passwords on your pc, but in an encrypted form: when you need a password, their program undecrypts it, but displays it as a series of asterisks. The problem I have is that some enterprises that put out multiple programs (such as Intuit with Quicken and Turbotax) have moved to having a single password for all their programs and when you register for a second program (or often, it seems, a new page in the program) Lastpass does not recognize the relationship between the multiple programs, and cutting and pasting a bunch of asterisks doesn't work. This user unfriendly scheme takes up a lot of my time going to all the pages and entering a new password. The obvious solution is to allow the user to see the password in unencrypted form (you do need a password to get into Lastpass) but apparently they don't recognize this as a problem. SeaMonkey does indeed encrypt its saved passwords. The Password Manager uses your master password as its encryption key, but the master password itself is NOT saved. But the use oa Master Password is optional. -- Ed Mullen http://edmullen.net/ Black holes really suck. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
On 2015-04-28 08:24, DoctorBill wrote: DoctorBill wrote: I had NO IDEA that this one post would generate such a plethora of JARGON and technical speak that is completely unintelligible to laymen like myself. The crosstalk is interesting and amusing. Thank all of you for trying to help. Many replies were so far out there that I got lost after the first three words. lol Make one feel like a caveman in a Cosmology Seminar. No offense intended. But did you actually find the solution you were looking for? :) ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
DoctorBill wrote on 04/25/2015 02:24 PM: Most all Username / Password entry boxes only show the Asterisk (*) when one enters the password. Is there something in SeaMonkey that one can toggle so that one sees what one is actually entering ? I tuype so prly thet I meed tyu sea what I hab enterd. DoktoeVill my solution to this is a txt file where i store all of my passwords... it has a random name that is not passwords in any language over the years my passwords have become complex and can't be easily remembered, so I open that file and copy and paste from the txt file to the password box as needed... sean -- really missing tagzilla ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
On 4/28/2015 11:52 AM, William wrote: Bill Spikowski wrote: Rick Merrill wrote: Bill Spikowski wrote on 04/27/2015 8:46 AM: No practical reason What about seeing what one is typing when entering complex passwords? Think especially about these situations: a lousy keyboard, like most laptops; working in a dark area; using a touchscreen; people with dyslexia, or poor typing skills; the visually impaired; or those having several hundred passwords for different sites. Oh, come: how about the wireless kbd that transmits the keycodes? Is your office a TEMPEST design? No idea what a TEMPEST office is. Would never use a wireless keyboard. I use LastPass myself, but I don't tell other people that my password solution is the only valid one. Lots of people don't understand password managers, or don't trust them; or are the only users of their computers, and don't need the extra complexity. I've been using Lastpass since someone pointed out that SeaMonkey's password manager does not encrypt your passwords; good for looking a forgotten one up, but not good for security. Before that I kept my passwords in a blank field in the bookmark for the site, but typed backward as my gesture to security. I think lastpass keeps your passwords on your pc, but in an encrypted form: when you need a password, their program undecrypts it, but displays it as a series of asterisks. The problem I have is that some enterprises that put out multiple programs (such as Intuit with Quicken and Turbotax) have moved to having a single password for all their programs and when you register for a second program (or often, it seems, a new page in the program) Lastpass does not recognize the relationship between the multiple programs, and cutting and pasting a bunch of asterisks doesn't work. This user unfriendly scheme takes up a lot of my time going to all the pages and entering a new password. The obvious solution is to allow the user to see the password in unencrypted form (you do need a password to get into Lastpass) but apparently they don't recognize this as a problem. SeaMonkey does indeed encrypt its saved passwords. The Password Manager uses your master password as its encryption key, but the master password itself is NOT saved. -- David E. Ross I am sticking with SeaMonkey 2.26.1 until saved passwords can be used when autocomplete=off. See https://bugzilla.mozilla.org/show_bug.cgi?id=433238. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
Bill Spikowski wrote: Rick Merrill wrote: Bill Spikowski wrote on 04/27/2015 8:46 AM: No practical reason What about seeing what one is typing when entering complex passwords? Think especially about these situations: a lousy keyboard, like most laptops; working in a dark area; using a touchscreen; people with dyslexia, or poor typing skills; the visually impaired; or those having several hundred passwords for different sites. Oh, come: how about the wireless kbd that transmits the keycodes? Is your office a TEMPEST design? No idea what a TEMPEST office is. Would never use a wireless keyboard. I use LastPass myself, but I don't tell other people that my password solution is the only valid one. Lots of people don't understand password managers, or don't trust them; or are the only users of their computers, and don't need the extra complexity. I've been using Lastpass since someone pointed out that SeaMonkey's password manager does not encrypt your passwords; good for looking a forgotten one up, but not good for security. Before that I kept my passwords in a blank field in the bookmark for the site, but typed backward as my gesture to security. I think lastpass keeps your passwords on your pc, but in an encrypted form: when you need a password, their program undecrypts it, but displays it as a series of asterisks. The problem I have is that some enterprises that put out multiple programs (such as Intuit with Quicken and Turbotax) have moved to having a single password for all their programs and when you register for a second program (or often, it seems, a new page in the program) Lastpass does not recognize the relationship between the multiple programs, and cutting and pasting a bunch of asterisks doesn't work. This user unfriendly scheme takes up a lot of my time going to all the pages and entering a new password. The obvious solution is to allow the user to see the password in unencrypted form (you do need a password to get into Lastpass) but apparently they don't recognize this as a problem. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
DoctorBill wrote: Most all Username / Password entry boxes only show the Asterisk (*) when one enters the password. Is there something in SeaMonkey that one can toggle so that one sees what one is actually entering ? I tuype so prly thet I meed tyu sea what I hab enterd. DoktoeVill I had NO IDEA that this one post would generate such a plethora of JARGON and technical speak that is completely unintelligible to laymen like myself. The crosstalk is interesting and amusing. Thank all of you for trying to help. Many replies were so far out there that I got lost after the first three words. lol Make one feel like a caveman in a Cosmology Seminar. No offense intended. DoctorBill ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
On 28/04/2015 8:02 AM, WaltS48 wrote: On 04/27/2015 05:53 PM, Bill Spikowski wrote: No idea what a TEMPEST office is. Probably one that spies on information systems. [Tempest (codename) - Wikipedia, the free encyclopedia](http://en.wikipedia.org/wiki/Tempest_(codename)) [TEMPEST, Definition](http://www.dami.army.pentagon.mil/site/TechSec/TEMPEST-Def.aspx) or, rather, practises put in place to restrict/eliminate spying on Information Systems!! -- Daniel User agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:35.0) Gecko/20100101 SeaMonkey/2.32 Build identifier: 20141218225909 or User agent: Mozilla/5.0 (X11; Linux x86_64; rv:36.0) Gecko/20100101 SeaMonkey/2.33 Build identifier: 20150215202114 ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
William wrote: Bill Spikowski wrote: Rick Merrill wrote: Bill Spikowski wrote on 04/27/2015 8:46 AM: No practical reason What about seeing what one is typing when entering complex passwords? Think especially about these situations: a lousy keyboard, like most laptops; working in a dark area; using a touchscreen; people with dyslexia, or poor typing skills; the visually impaired; or those having several hundred passwords for different sites. Oh, come: how about the wireless kbd that transmits the keycodes? Is your office a TEMPEST design? No idea what a TEMPEST office is. Would never use a wireless keyboard. I use LastPass myself, but I don't tell other people that my password solution is the only valid one. Lots of people don't understand password managers, or don't trust them; or are the only users of their computers, and don't need the extra complexity. I've been using Lastpass since someone pointed out that SeaMonkey's password manager does not encrypt your passwords; good for looking a forgotten one up, but not good for security. Before that I kept my passwords in a blank field in the bookmark for the site, but typed backward as my gesture to security. I think lastpass keeps your passwords on your pc, but in an encrypted form: when you need a password, their program undecrypts it, but displays it as a series of asterisks. The problem I have is that some enterprises that put out multiple programs (such as Intuit with Quicken and Turbotax) have moved to having a single password for all their programs and when you register for a second program (or often, it seems, a new page in the program) Lastpass does not recognize the relationship between the multiple programs, and cutting and pasting a bunch of asterisks doesn't work. This user unfriendly scheme takes up a lot of my time going to all the pages and entering a new password. The obvious solution is to allow the user to see the password in unencrypted form (you do need a password to get into Lastpass) but apparently they don't recognize this as a problem. Keepass2 in it's normal state shows asterisks however, you can have it show the password as text and you can ever copy and paste if you need to. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
sean wrote on 04/28/2015 09:17 AM: DoctorBill wrote on 04/25/2015 02:24 PM: Most all Username / Password entry boxes only show the Asterisk (*) when one enters the password. Is there something in SeaMonkey that one can toggle so that one sees what one is actually entering ? I tuype so prly thet I meed tyu sea what I hab enterd. DoktoeVill my solution to this is a txt file where i store all of my passwords... it has a random name that is not passwords in any language over the years my passwords have become complex and can't be easily remembered, so I open that file and copy and paste from the txt file to the password box as needed... sean the problem i've had with addons and extensions for password keeping, is updates to my install of seamonkey often breaks them. I can't wait for updates to the addons... hence my reliance on a txt file stored locally... would also seem to lessen your confusion by all the addons and extensions DoctorBill sean -- still missing tagzilla ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
sean wrote: DoctorBill wrote on 04/25/2015 02:24 PM: Most all Username / Password entry boxes only show the Asterisk (*) when one enters the password. Is there something in SeaMonkey that one can toggle so that one sees what one is actually entering ? I tuype so prly thet I meed tyu sea what I hab enterd. DoktoeVill my solution to this is a txt file where i store all of my passwords... it has a random name that is not passwords in any language over the years my passwords have become complex and can't be easily remembered, so I open that file and copy and paste from the txt file to the password box as needed... sean You may want to take a look at Keepass2. You can store all you passwords in one place and then you only need one password to open Keepass. You would not need to copy and pass, Keepass will send it for you. You can even open the website from within Keepass2. I currently have 123 passwords save in Keepass. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
DoctorBill wrote on 04/27/2015 9:27 AM: Bill Spikowski wrote: Thee Chicago Wolf (MVP) wrote: On Sun, 26 Apr 2015 19:38:21 +1000, Daniel dan...@albury.net.spam.au wrote: On 26/04/15 10:00, Thee Chicago Wolf (MVP) wrote: On Sat, 25 Apr 2015 14:24:53 -0700, DoctorBill ab...@example.com wrote: Most all Username / Password entry boxes only show the Asterisk (*) when one enters the password. Is there something in SeaMonkey that one can toggle so that one sees what one is actually entering ? I tuype so prly thet I meed tyu sea what I hab enterd. DoktoeVill This is a bad phishing attempt. No, Doctor Bill is a long time, very occasional, poster hereabouts, from I think, regional (i.e. about 60-90 miles from a large City) U.S. of A. Hmm, be that as it may. Whenever I see these kinds of message , it always sends up a social engineering attack flag. There's no practical reason to want to know how to unhide a hidden password field other than to clear-text pass the password into some hidden service or some other nefarious purpose. Just my 2 cents. No practical reason What about seeing what one is typing when entering complex passwords? Think especially about these situations: a lousy keyboard, like most laptops; working in a dark area; using a touchscreen; people with dyslexia, or poor typing skills; the visually impaired; or those having several hundred passwords for different sites. You darn Betcha ! How about 72 years old and fingers that act like Bananas inside boxing gloves ! These young whippersnappers don't understand. DoctorBill I'm 73 yrs old, and still touch type. Ok, in high school I had to teach myself typing or else! ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
Bill Spikowski wrote on 04/27/2015 8:46 AM: Thee Chicago Wolf (MVP) wrote: On Sun, 26 Apr 2015 19:38:21 +1000, Daniel dan...@albury.net.spam.au wrote: On 26/04/15 10:00, Thee Chicago Wolf (MVP) wrote: On Sat, 25 Apr 2015 14:24:53 -0700, DoctorBill ab...@example.com wrote: Most all Username / Password entry boxes only show the Asterisk (*) when one enters the password. Is there something in SeaMonkey that one can toggle so that one sees what one is actually entering ? I tuype so prly thet I meed tyu sea what I hab enterd. DoktoeVill This is a bad phishing attempt. No, Doctor Bill is a long time, very occasional, poster hereabouts, from I think, regional (i.e. about 60-90 miles from a large City) U.S. of A. Hmm, be that as it may. Whenever I see these kinds of message , it always sends up a social engineering attack flag. There's no practical reason to want to know how to unhide a hidden password field other than to clear-text pass the password into some hidden service or some other nefarious purpose. Just my 2 cents. No practical reason What about seeing what one is typing when entering complex passwords? Think especially about these situations: a lousy keyboard, like most laptops; working in a dark area; using a touchscreen; people with dyslexia, or poor typing skills; the visually impaired; or those having several hundred passwords for different sites. Oh, come: how about the wireless kbd that transmits the keycodes? Is your office a TEMPEST design? ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
Rick Merrill wrote: Bill Spikowski wrote on 04/27/2015 8:46 AM: No practical reason What about seeing what one is typing when entering complex passwords? Think especially about these situations: a lousy keyboard, like most laptops; working in a dark area; using a touchscreen; people with dyslexia, or poor typing skills; the visually impaired; or those having several hundred passwords for different sites. Oh, come: how about the wireless kbd that transmits the keycodes? Is your office a TEMPEST design? No idea what a TEMPEST office is. Would never use a wireless keyboard. I use LastPass myself, but I don't tell other people that my password solution is the only valid one. Lots of people don't understand password managers, or don't trust them; or are the only users of their computers, and don't need the extra complexity. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
Thee Chicago Wolf (MVP) wrote: On Sun, 26 Apr 2015 19:38:21 +1000, Daniel dan...@albury.net.spam.au wrote: On 26/04/15 10:00, Thee Chicago Wolf (MVP) wrote: On Sat, 25 Apr 2015 14:24:53 -0700, DoctorBill ab...@example.com wrote: Most all Username / Password entry boxes only show the Asterisk (*) when one enters the password. Is there something in SeaMonkey that one can toggle so that one sees what one is actually entering ? I tuype so prly thet I meed tyu sea what I hab enterd. DoktoeVill This is a bad phishing attempt. No, Doctor Bill is a long time, very occasional, poster hereabouts, from I think, regional (i.e. about 60-90 miles from a large City) U.S. of A. Hmm, be that as it may. Whenever I see these kinds of message , it always sends up a social engineering attack flag. There's no practical reason to want to know how to unhide a hidden password field other than to clear-text pass the password into some hidden service or some other nefarious purpose. Just my 2 cents. No practical reason What about seeing what one is typing when entering complex passwords? Think especially about these situations: a lousy keyboard, like most laptops; working in a dark area; using a touchscreen; people with dyslexia, or poor typing skills; the visually impaired; or those having several hundred passwords for different sites. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
Bill Spikowski wrote: Thee Chicago Wolf (MVP) wrote: On Sun, 26 Apr 2015 19:38:21 +1000, Daniel dan...@albury.net.spam.au wrote: On 26/04/15 10:00, Thee Chicago Wolf (MVP) wrote: On Sat, 25 Apr 2015 14:24:53 -0700, DoctorBill ab...@example.com wrote: Most all Username / Password entry boxes only show the Asterisk (*) when one enters the password. Is there something in SeaMonkey that one can toggle so that one sees what one is actually entering ? I tuype so prly thet I meed tyu sea what I hab enterd. DoktoeVill This is a bad phishing attempt. No, Doctor Bill is a long time, very occasional, poster hereabouts, from I think, regional (i.e. about 60-90 miles from a large City) U.S. of A. Hmm, be that as it may. Whenever I see these kinds of message , it always sends up a social engineering attack flag. There's no practical reason to want to know how to unhide a hidden password field other than to clear-text pass the password into some hidden service or some other nefarious purpose. Just my 2 cents. No practical reason What about seeing what one is typing when entering complex passwords? Think especially about these situations: a lousy keyboard, like most laptops; working in a dark area; using a touchscreen; people with dyslexia, or poor typing skills; the visually impaired; or those having several hundred passwords for different sites. You darn Betcha ! How about 72 years old and fingers that act like Bananas inside boxing gloves ! These young whippersnappers don't understand. DoctorBill ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
On 04/27/2015 05:53 PM, Bill Spikowski wrote: No idea what a TEMPEST office is. Probably one that spies on information systems. [Tempest (codename) - Wikipedia, the free encyclopedia](http://en.wikipedia.org/wiki/Tempest_(codename)) [TEMPEST, Definition](http://www.dami.army.pentagon.mil/site/TechSec/TEMPEST-Def.aspx) -- Kubuntu 14.10 | KDE 4.14.1 | Thunderbird 38.0b3 (Beta) April is Jazz Appreciation Month Go Bucs! ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
Thee Chicago Wolf (MVP) wrote on 4/27/2015 7:52 PM: On Mon, 27 Apr 2015 17:00:04 -0400, Rick Merrill rick0.merr...@gmail.nospam.com wrote: DoctorBill wrote on 04/27/2015 9:27 AM: Bill Spikowski wrote: Thee Chicago Wolf (MVP) wrote: On Sun, 26 Apr 2015 19:38:21 +1000, Daniel dan...@albury.net.spam.au wrote: On 26/04/15 10:00, Thee Chicago Wolf (MVP) wrote: On Sat, 25 Apr 2015 14:24:53 -0700, DoctorBill ab...@example.com wrote: Most all Username / Password entry boxes only show the Asterisk (*) when one enters the password. Is there something in SeaMonkey that one can toggle so that one sees what one is actually entering ? I tuype so prly thet I meed tyu sea what I hab enterd. DoktoeVill This is a bad phishing attempt. No, Doctor Bill is a long time, very occasional, poster hereabouts, from I think, regional (i.e. about 60-90 miles from a large City) U.S. of A. Hmm, be that as it may. Whenever I see these kinds of message , it always sends up a social engineering attack flag. There's no practical reason to want to know how to unhide a hidden password field other than to clear-text pass the password into some hidden service or some other nefarious purpose. Just my 2 cents. No practical reason What about seeing what one is typing when entering complex passwords? Think especially about these situations: a lousy keyboard, like most laptops; working in a dark area; using a touchscreen; people with dyslexia, or poor typing skills; the visually impaired; or those having several hundred passwords for different sites. You darn Betcha ! How about 72 years old and fingers that act like Bananas inside boxing gloves ! These young whippersnappers don't understand. DoctorBill I'm 73 yrs old, and still touch type. Ok, in high school I had to teach myself typing or else! I use chicken style as well. I never learned to type properly either but I do still type fast. In about 1964 my mother sent me to summer school to take two classes: One, how to study, the other typing. I've been thanking her ever since. I've been banging out about 90-120 WPM or more ever since. Although, computers have degraded that. I tend to not pay as much attention to it since spell checkers mediate my errors in most part. Actually, that might even make me faster since I just hammer it out and, post-event, spend a few clicks to fix the oops. I cannot imagine how current folk exist with the tech today without knowing how to touch type. -- Ed Mullen http://edmullen.net/ I'm not schizophrenic, and neither am I. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
David E. Ross wrote: On 4/26/2015 9:39 AM, Ray_Net wrote: Danny Kile wrote on 26/04/2015 16:59: Danny Kile wrote: DoctorBill wrote: Most all Username / Password entry boxes only show the Asterisk (*) when one enters the password. Is there something in SeaMonkey that one can toggle so that one sees what one is actually entering ? I tuype so prly thet I meed tyu sea what I hab enterd. DoktoeVill DoctorBill I have your solution take a look at the following program KeyPass2 here is the link: http://keepass.info/ I use the program to keep all my passwords, you only have to remember one password to get into Keypass. From Keypass you can launch the website and the have it enter the username and password. The database file can be copied to another PC to use the password from another PC. There is also a Android App so you can use it from a cell phone. Check it out I have been using it for years. I concur on using some sort of external password-keeping utility. Personally, I do allow Seamonkey to remember some of my passwords, as a convenience thing, but I consider KeePass to be my primary password store. The thing about KeePass is that it offers a bunch of extra flexibility, including the ability of doing password generation, with as much entropy as you think you may need. Thus, nearly all of my passwords are ones that are as long and as cryptic as I can get them. Also, I really like the capacity of keeping free-form notes. With that, I can log things such as previous passwords used, when I've changed passwords, email address associated with password recovery mechanism, and questions and answers for two-factor authentication. With the latter, I have the ability of making sure I actually remember the specific answers (e.g., for some questions, there may actually be several possible answers), but with this, I can come up with nonsensical answers. One other thing that I have done with KeePass was that when we were seeing the problems with HeartBleed last year, I was able to track which services were likely safe, and which needed password changes, including being able to keep notes on whether or not a service had updated its SSL cert (and I waited until cert changes, before changing passwords). My preference is:http://passwordsafe.sourceforge.net/ Ragarding both KeyPass2 and Password Safe: Are their password databases local to my PC? Or are they on some external servers? KeePass, definitely, and I'm pretty sure that Password Safe is, as well. Both have been around since before cloud-based storage was in common use. I haven't seen it, but I'm guessing that Dashlane also permits that option. With KeePass, there is a capacity for synchronization to a server, if you want. Personally, I keep my primary copy of a KeePass on my primary working laptop, but I synchronize a copy to a server in my LAN, so that all the machines in my LAN have access to the content. I'm actually not adverse to recommending LastPass. I know that that one does presume server-based access and synchronization (and initial setup requires creation of a user ID and password on a LastPass server), and I don't like that. But as far as I'm aware, I believe that you can do things where you don't have to sync with the server, and LastPass documentation indicates that it's fully functional, without having to have access to a server. To me, there's two reasons to avoid a server. One is in not being reliant on a server copy, so that you have have access to your stuff, if you can't get the server (e.g., no Internet access, server not available, etc.), and that's an issue with any kind of cloud-based service (particularly backups). The other is a question of whether you trust the encryption processes well enough to store on somebody else's hardware. With LastPass, my inclination is that it's sufficiently zero-knowledge that saving on a server is safe enough. Thus, for non-technical end users that often get tripped up on user interfaces in open source projects, I will sometimes point them to LastPass, as a way of getting them to use a password manager. At this point, the topic has strayed far enough from specifics of Seamonkey, that I'm going to cross-post to mozilla.general and set follow-ups to go there. Smith ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
Danny Kile wrote on 26/04/2015 16:59: Danny Kile wrote: DoctorBill wrote: Most all Username / Password entry boxes only show the Asterisk (*) when one enters the password. Is there something in SeaMonkey that one can toggle so that one sees what one is actually entering ? I tuype so prly thet I meed tyu sea what I hab enterd. DoktoeVill DoctorBill I have your solution take a look at the following program KeyPass2 here is the link: http://keepass.info/ I use the program to keep all my passwords, you only have to remember one password to get into Keypass. From Keypass you can launch the website and the have it enter the username and password. The database file can be copied to another PC to use the password from another PC. There is also a Android App so you can use it from a cell phone. Check it out I have been using it for years. I forgot to mention that there is also a portable version that you can run from a flash drive. In addition to Windows, KeePass 2.x runs fine under Mono, i.e. Linux, Mac OS X, BSD, etc. My preference is: http://passwordsafe.sourceforge.net/ ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
DoctorBill wrote: Most all Username / Password entry boxes only show the Asterisk (*) when one enters the password. Is there something in SeaMonkey that one can toggle so that one sees what one is actually entering ? I tuype so prly thet I meed tyu sea what I hab enterd. DoktoeVill DoctorBill I have your solution take a look at the following program KeyPass2 here is the link: http://keepass.info/ I use the program to keep all my passwords, you only have to remember one password to get into Keypass. From Keypass you can launch the website and the have it enter the username and password. The database file can be copied to another PC to use the password from another PC. There is also a Android App so you can use it from a cell phone. Check it out I have been using it for years. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
Danny Kile wrote: DoctorBill wrote: Most all Username / Password entry boxes only show the Asterisk (*) when one enters the password. Is there something in SeaMonkey that one can toggle so that one sees what one is actually entering ? I tuype so prly thet I meed tyu sea what I hab enterd. DoktoeVill DoctorBill I have your solution take a look at the following program KeyPass2 here is the link: http://keepass.info/ I use the program to keep all my passwords, you only have to remember one password to get into Keypass. From Keypass you can launch the website and the have it enter the username and password. The database file can be copied to another PC to use the password from another PC. There is also a Android App so you can use it from a cell phone. Check it out I have been using it for years. I forgot to mention that there is also a portable version that you can run from a flash drive. In addition to Windows, KeePass 2.x runs fine under Mono, i.e. Linux, Mac OS X, BSD, etc. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
On 26/04/15 10:00, Thee Chicago Wolf (MVP) wrote: On Sat, 25 Apr 2015 14:24:53 -0700, DoctorBill ab...@example.com wrote: Most all Username / Password entry boxes only show the Asterisk (*) when one enters the password. Is there something in SeaMonkey that one can toggle so that one sees what one is actually entering ? I tuype so prly thet I meed tyu sea what I hab enterd. DoktoeVill This is a bad phishing attempt. No, Doctor Bill is a long time, very occasional, poster hereabouts, from I think, regional (i.e. about 60-90 miles from a large City) U.S. of A. -- Daniel User agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:35.0) Gecko/20100101 SeaMonkey/2.32 Build identifier: 20141218225909 or User agent: Mozilla/5.0 (X11; Linux x86_64; rv:36.0) Gecko/20100101 SeaMonkey/2.33 Build identifier: 20150215202114 ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
On 4/26/2015 9:39 AM, Ray_Net wrote: Danny Kile wrote on 26/04/2015 16:59: Danny Kile wrote: DoctorBill wrote: Most all Username / Password entry boxes only show the Asterisk (*) when one enters the password. Is there something in SeaMonkey that one can toggle so that one sees what one is actually entering ? I tuype so prly thet I meed tyu sea what I hab enterd. DoktoeVill DoctorBill I have your solution take a look at the following program KeyPass2 here is the link: http://keepass.info/ I use the program to keep all my passwords, you only have to remember one password to get into Keypass. From Keypass you can launch the website and the have it enter the username and password. The database file can be copied to another PC to use the password from another PC. There is also a Android App so you can use it from a cell phone. Check it out I have been using it for years. I forgot to mention that there is also a portable version that you can run from a flash drive. In addition to Windows, KeePass 2.x runs fine under Mono, i.e. Linux, Mac OS X, BSD, etc. My preference is: http://passwordsafe.sourceforge.net/ Ragarding both KeyPass2 and Password Safe: Are their password databases local to my PC? Or are they on some external servers? -- David E. Ross I am sticking with SeaMonkey 2.26.1 until saved passwords can be used when autocomplete=off. See https://bugzilla.mozilla.org/show_bug.cgi?id=433238. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
David E. Ross wrote on 26/04/2015 19:35: On 4/26/2015 9:39 AM, Ray_Net wrote: Danny Kile wrote on 26/04/2015 16:59: Danny Kile wrote: DoctorBill wrote: Most all Username / Password entry boxes only show the Asterisk (*) when one enters the password. Is there something in SeaMonkey that one can toggle so that one sees what one is actually entering ? I tuype so prly thet I meed tyu sea what I hab enterd. DoktoeVill DoctorBill I have your solution take a look at the following program KeyPass2 here is the link: http://keepass.info/ I use the program to keep all my passwords, you only have to remember one password to get into Keypass. From Keypass you can launch the website and the have it enter the username and password. The database file can be copied to another PC to use the password from another PC. There is also a Android App so you can use it from a cell phone. Check it out I have been using it for years. I forgot to mention that there is also a portable version that you can run from a flash drive. In addition to Windows, KeePass 2.x runs fine under Mono, i.e. Linux, Mac OS X, BSD, etc. My preference is: http://passwordsafe.sourceforge.net/ Ragarding both KeyPass2 and Password Safe: Are their password databases local to my PC? Or are they on some external servers? For Password Safe the database is password-protected and located here on my pc: C:\Users\RZ\Documents\My Safes\pwsafe.psafe3 and when we start Password Safe there is a zone asking which database to open with the above string filled in the zone, but we can browse to use another one. Creating a New Safe *Password Safe* allows users to store all passwords in a single safe (password database), or to create multiple databases for different purposes (e.g., one for work, one for personal use). Each database is independent and can be moved and used on different systems, as long as the same version of *Password Safe* is installed. Databases are encrypted with an encryption key derived from the master password (the master password, however, is *not* kept in the database in any form). However, *Password Safe* cannot protect against physical damage or loss to your hard disk, laptop or PC. Therefore, we strongly recommend that you make regular copies of your password database 'off-line', that is, to another PC or disk. This can be done manually, or by using a cloud storage service such as DropBox https://www.dropbox.com/home, SugarSync https://www.sugarsync.com/or JungleDisk https://www.jungledisk.com/, to name a few. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
On 4/25/15, DoctorBill ab...@example.com wrote: Lee wrote: On 4/25/15, DoctorBill ab...@example.com wrote: Most all Username / Password entry boxes only show the Asterisk (*) when one enters the password. Is there something in SeaMonkey that one can toggle so that one sees what one is actually entering ? I tuype so prly thet I meed tyu sea what I hab enterd. then type the password into notepad or something, copy paste into the password entry field Regards, Lee Sois you answer NO. ? I don't know of a pref that will do what you want, but copy paste will get you pretty close to what you were asking for. Best Regards, Lee ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
On 4/25/2015 3:44 PM, WaltS48 wrote: On 04/25/2015 06:31 PM, DoctorBill wrote: Lee wrote: On 4/25/15, DoctorBill ab...@example.com wrote: Most all Username / Password entry boxes only show the Asterisk (*) when one enters the password. Is there something in SeaMonkey that one can toggle so that one sees what one is actually entering ? I tuype so prly thet I meed tyu sea what I hab enterd. then type the password into notepad or something, copy paste into the password entry field Regards, Lee Sois you answer NO. ? There is nothing in SeaMonkey you should change so that one sees the passwords one enters. It is a security feature so nobody can look over your shoulder and steal them. After 50+ years of marriage, my wife has all my passwords. We two are the only ones in our house. We do not worry about anyone looking over our shoulders to see us entering passwords. The default in PGP is to hide the user's passphrase, but PGP has the option to expose the passphrase as it is being entered. -- David E. Ross I am sticking with SeaMonkey 2.26.1 until saved passwords can be used when autocomplete=off. See https://bugzilla.mozilla.org/show_bug.cgi?id=433238. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
DoctorBill wrote: WaltS48 wrote: On 04/25/2015 06:31 PM, DoctorBill wrote: Lee wrote: On 4/25/15, DoctorBill ab...@example.com wrote: Most all Username / Password entry boxes only show the Asterisk (*) when one enters the password. Is there something in SeaMonkey that one can toggle so that one sees what one is actually entering ? I tuype so prly thet I meed tyu sea what I hab enterd. then type the password into notepad or something, copy paste into the password entry field Regards, Lee Sois you answer NO. ? There is nothing in SeaMonkey you should change so that one sees the passwords one enters. It is a security feature so nobody can look over your shoulder and steal them. Ugh ! Now don't miss read my reply,ha. I ran this add on , https://addons.mozilla.org/en-US/firefox/addon/show-password/ through the http://addonconverter.fotokraina.com/ and it works fine. You can toggle it on and off. Works fine for me. -- You either teach people to treat you with dignity and respect, or you don't. This means you are partly responsible for the mistreatment that you get at the hands of someone else. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
Lee wrote: On 4/25/15, DoctorBill ab...@example.com wrote: Lee wrote: On 4/25/15, DoctorBill ab...@example.com wrote: Most all Username / Password entry boxes only show the Asterisk (*) when one enters the password. Is there something in SeaMonkey that one can toggle so that one sees what one is actually entering ? I tuype so prly thet I meed tyu sea what I hab enterd. then type the password into notepad or something, copy paste into the password entry field Regards, Lee Sois you answer NO. ? I don't know of a pref that will do what you want, but copy paste will get you pretty close to what you were asking for. Best Regards, Lee If it weren't for the automatic throwing up of Usernames and Passwords that SeaMonkey does, I would be lost. My poor wife works for the Gubment and she has to handle hundreds of them. Now - who in the Hell can remember all that garbage ?! Hey - don't write passwords down...somebody may get hold of your list ! BTW - we have a username and password now for the toilet stall doorand a DIFFERENT one to get out of the stalland one for the sink water tap. Give me a break ! ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
On 4/25/15, DoctorBill ab...@example.com wrote: Most all Username / Password entry boxes only show the Asterisk (*) when one enters the password. Is there something in SeaMonkey that one can toggle so that one sees what one is actually entering ? I tuype so prly thet I meed tyu sea what I hab enterd. then type the password into notepad or something, copy paste into the password entry field Regards, Lee ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Making Passwords Show Letters ?
Most all Username / Password entry boxes only show the Asterisk (*) when one enters the password. Is there something in SeaMonkey that one can toggle so that one sees what one is actually entering ? I tuype so prly thet I meed tyu sea what I hab enterd. DoktoeVill ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
On 04/25/2015 06:31 PM, DoctorBill wrote: Lee wrote: On 4/25/15, DoctorBill ab...@example.com wrote: Most all Username / Password entry boxes only show the Asterisk (*) when one enters the password. Is there something in SeaMonkey that one can toggle so that one sees what one is actually entering ? I tuype so prly thet I meed tyu sea what I hab enterd. then type the password into notepad or something, copy paste into the password entry field Regards, Lee Sois you answer NO. ? There is nothing in SeaMonkey you should change so that one sees the passwords one enters. It is a security feature so nobody can look over your shoulder and steal them. -- Kubuntu 14.10 | KDE 4.14.1 | Thunderbird 38.0 (Beta) April is Jazz Appreciation Month Go Bucs! ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
Lemon Juice wrote: On 2015-04-25 23:24, DoctorBill wrote: Most all Username / Password entry boxes only show the Asterisk (*) when one enters the password. Is there something in SeaMonkey that one can toggle so that one sees what one is actually entering ? I tuype so prly thet I meed tyu sea what I hab enterd. DoktoeVill Extension *Unhide Passwords* is on the list of working Firefox extensions after conversion (it is almost at the top of the list): http://forums.mozillazine.org/viewtopic.php?f=40t=2834855 I'm not sure of all the Jargon, so I have to ask How do I use this link http://addonconverter.fotokraina.com/?url=https://addons.mozilla.org/en-US/firefox/addon/unhide-passwords/ Convert and Install (Convert? Beyond my intelligence level) Convert and View Details (I would know what I am viewing). Need advice. DoctorBill PS - what is that phishing blurb about ? Thee Chicago Wolf(?) ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
On 04/25/2015 09:00 PM, DoctorBill wrote: Lemon Juice wrote: On 2015-04-25 23:24, DoctorBill wrote: Most all Username / Password entry boxes only show the Asterisk (*) when one enters the password. Is there something in SeaMonkey that one can toggle so that one sees what one is actually entering ? I tuype so prly thet I meed tyu sea what I hab enterd. DoktoeVill Extension *Unhide Passwords* is on the list of working Firefox extensions after conversion (it is almost at the top of the list): http://forums.mozillazine.org/viewtopic.php?f=40t=2834855 I'm not sure of all the Jargon, so I have to ask How do I use this link http://addonconverter.fotokraina.com/?url=https://addons.mozilla.org/en-US/firefox/addon/unhide-passwords/ Click it and it will open in the browser window. Convert and Install (Convert? Beyond my intelligence level) If you are using SeaMonkey just click Convert and Install. The add-on converter will convert the extension to work with SeaMonkey and install it for you. -- Kubuntu 14.10 | KDE 4.14.1 | Thunderbird 38.0 (Beta) April is Jazz Appreciation Month Go Bucs! ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
Lee wrote: On 4/25/15, DoctorBill ab...@example.com wrote: Most all Username / Password entry boxes only show the Asterisk (*) when one enters the password. Is there something in SeaMonkey that one can toggle so that one sees what one is actually entering ? I tuype so prly thet I meed tyu sea what I hab enterd. then type the password into notepad or something, copy paste into the password entry field Regards, Lee Sois you answer NO. ? ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
WaltS48 wrote: On 04/25/2015 06:31 PM, DoctorBill wrote: Lee wrote: On 4/25/15, DoctorBill ab...@example.com wrote: Most all Username / Password entry boxes only show the Asterisk (*) when one enters the password. Is there something in SeaMonkey that one can toggle so that one sees what one is actually entering ? I tuype so prly thet I meed tyu sea what I hab enterd. then type the password into notepad or something, copy paste into the password entry field Regards, Lee Sois you answer NO. ? There is nothing in SeaMonkey you should change so that one sees the passwords one enters. It is a security feature so nobody can look over your shoulder and steal them. Ugh ! ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
On 4/25/2015 2:24 PM, DoctorBill wrote: Most all Username / Password entry boxes only show the Asterisk (*) when one enters the password. Is there something in SeaMonkey that one can toggle so that one sees what one is actually entering ? I tuype so prly thet I meed tyu sea what I hab enterd. DoktoeVill See the following bug reports: https://bugzilla.mozilla.org/show_bug.cgi?id=232050 https://bugzilla.mozilla.org/show_bug.cgi?id=502258 There are extensions to handle this, but I consider extensions to be mere temporary solutions. Bug #232050 requests the option to expose the master password used by the Password Manager. The extension to handle this is Show Password On Input at https://addons.mozilla.org/en-US/seamonkey/addon/show-password-on-input/. This requires modifying its embedded install.rdf file for installation in recent SeaMonkey versions. It adds a checkbox to the popup dialogue for entering the master password. The checkbox must be checked to expose the master password. The default is unchecked. Bug #502258 requests the option to expose login passwords. The extension to handle this is Show my Password at https://addons.mozilla.org/en-US/seamonkey/addon/show-my-password/. This too requires modifying its embedded install.rdf file for installation in recent SeaMonkey versions. With this extension, double-click on the hidden password, double-click again, then right-click to get a menu that includes Show password. Almost any action by the user will again hide the password. -- David E. Ross I am sticking with SeaMonkey 2.26.1 until saved passwords can be used when autocomplete=off. See https://bugzilla.mozilla.org/show_bug.cgi?id=433238. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
On 2015-04-25 23:24, DoctorBill wrote: Most all Username / Password entry boxes only show the Asterisk (*) when one enters the password. Is there something in SeaMonkey that one can toggle so that one sees what one is actually entering ? I tuype so prly thet I meed tyu sea what I hab enterd. DoktoeVill Extension *Unhide Passwords* is on the list of working Firefox extensions after conversion (it is almost at the top of the list): http://forums.mozillazine.org/viewtopic.php?f=40t=2834855 ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Making Passwords Show Letters ?
On 2015-04-26 03:00, DoctorBill wrote: I'm not sure of all the Jargon, so I have to ask How do I use this link http://addonconverter.fotokraina.com/?url=https://addons.mozilla.org/en-US/firefox/addon/unhide-passwords/ Both will work - Convert and Install (Convert? Beyond my intelligence level) The extension will be converted and you will be offered installation without any questions asked. Convert and View Details (I would know what I am viewing). After conversion you will be able to see conversion details - generally programmer stuff what code has changed, something you may or may not understand, but there will also be a link for installation. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
