My understanding as well, and one of the reasons I stick with 1.1.19 on
my primary machine - the dialog clearly states so; it does not clearly
state so in 2.x.x and so I assume the worst. But I always use a Master
and wouldn't use the Manager any other way.
It's also why I've never used the Forms Manager - there has never been
any clear dialog statement as to if the stored contents of the Forms
Manager are encrypted or not. If there was, I think I would have used
it...it's a nice feature.
Personally, I flat refuse to bank online, and am also every skeptical
about shopping online. If I can pick up a phone to make a transaction,
I prefer to do that. There's a lot of skimming/hacking/etc. going on
around my valley, an I'd prefer to just steer clear of it...
--
- Rufus
L. Mark Hall wrote:
For years I have never stored anything in the password manager other
than the passwords for my email accounts. All other information, like
banks, I enter every time I go to the site. I have always believed this
to be the safest approach, though a bit less convenient.
My understanding is that the use of the master password causes all of
your passwords to be encrypted and are only un-encrypted when the master
password has been entered. Then the plain text passwords exist in
memory, where they are difficult to get at. Did I miss understand this?
Some of what I have read in this thread seemed to imply that use of the
MP is a security risk.
If banks really wanted better security for their users there are lots of
better ways to manage user login. Since these have never been
implemented, I am guessing they are most concerned on limiting their
workload on their end and preserving their ability to harvest marking
material from your computer.
LMH
Tom Pamin wrote:
Robert Kaiser wrote:
JohnW-Mpls schrieb:
When I go to the WSJ site with 1.x, their site comes up with a "Hello,
John" greeting - they already know me as a customer. With 2.x. the
WSJ comes up but I am restricted till I click to login and then I need
to right-click for 5-15 seconds for 2.x to finally respond with my
ID/Password, or I need to enter in the first character of the ID I use
for that vendor.
Now, wait, you're talking here about something else than some other
assumed, I think. It sounds to me that 2.c actually remembers your
login in the password manager, that's why it fills it in once the
page has loaded.
The difference you are seeing there is that you're not logged in
right from the start - without even needing the password manager to
fill in your username and password in those fields (as in both 1.x
and 2.x the password manager doesn't do more than remembering those
and enter them when you encounter username/password fields).
This makes me think that there's some difference in Cookie handling,
as probably that website remembers your credentials via some
Cookie(s) stored in the browser.
Robert Kaiser
Add me to the list of users sticking with 1.19. Forms Manager and
passwords work just fine for me. Why go to 2.04 when it's a step
backwards? If security is the only reason, I'll take my chances.
_______________________________________________
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey
_______________________________________________
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey