On 8/6/2013 4:51 AM, Lloyd Hilaiel wrote:
http://blog.elliottkember.com/chromes-insane-password-security-strategy
(forwarded from dev-identity)
lloyd
We do the same thing in Firefox. We import your passwords when we can
and we make them available inside of Firefox options with a figleaf
"show hidden passwords" button in our password manager.
I think this behavior is fine. The "I gave my laptop to someone and
they could see my passwords" is an easy "OMGWTF" moment for those who
don't think about it very far. But when you consider the alternatives
and you think about the most common use cases, it becomes pretty obvious
that this is completely acceptable design.
The answer is not to try to hide those passwords from their owners but
rather to create a working account system that lets you hand your
machine to someone else in a guest mode or a secondary account, IMO.
- A
_______________________________________________
Sync-dev mailing list
[email protected]
https://mail.mozilla.org/listinfo/sync-dev
