Yes, that's clear BJ, and you're right. Many browsers have "password manager" sorts of things that allow the user to locally save passwords in a usually encrypted store of some sort, and that is very different from a cookie and not anything the server can control.
-David On Jul 31, 2010, at 2:22 PM, BJ Freeman wrote: > clarification > I said the browser does > when you login to a site the browser ask if you want to store the login > (userid and password). > this has nothing to-do with ofbiz. > > Wai sent the following on 7/31/2010 11:35 AM: >> >> BJ, >> does ofbiz actually store the password in the cookie? Because a cookie is >> really a text file, anybody who has access to a browser cache would be able >> to see it. >> A regular person can see the contents of a cookie just by typing in >> "javascript:document.cookie" in the address of the browser. >> >>> From your previous posting, I take it that ofbiz should be run in an >> intranet environment. But that would not quite work for people using ofbiz >> ecommerce app. Since the ecommerce app stores the username in the cookie as >> well. >> Wai
