d...@kd4e.com wrote:
Beauregard T. Shagnasty wrote:
If saving form data was removed, a lot of folks would be unhappy. It's
not a security "hole" and the behaviour will not be altered.
How about a *reasonable* alternative?
Make it user selectable?
Why force it on users when such is not at all necessary?
Phishing sites burn people every day, probably by the thousands,
why not make their lives more difficult?
The reasonable alternative, IMO, would be to store the information on
your machine in an encrypted fashion similar to Password Manager and not
allow it to be invoked unless the user does so for each site that
presents a form - this could be keyed to Master Password entry and/or
the user beginning to fill out the form. Personally, I would ask for
the Master each time a Form page is to be filled - that would also give
the user time to look to see that the data is being entered using a
secure site...but that's just my pref...
I've never used the Forms Data feature in any SM release, and likely
never will...but only for the reason that I could/can never tell if the
information it contains was/is stored using encryption. If I encryption
were employed I would have definitely used it - it's convenient, and I
can fully sympathize with folks that miss it.
--
- Rufus
_______________________________________________
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey
