This may not be news to all of you but I think many will be pretty chocked. Certainly I was. It was noticed earlier on last year but nothing – at least on OS X version – has been done to fix it. It’s a feature, not a bug.
You know when you’re login on to a website for the first time, your browser asks if you want to save the password? I often choose to save the login credentials on sites that aren’t in the circle of ‘important to keep secure’ sites. After all, my laptop locks up every time it goes to sleep or screensaver comes on so it’s not THAT easy to get on it.
Firefox obviously does this, too. It’s convenient to use it. But what I didn’t know before is how easy it is to get those passwords, in plain text. Go to Firefox Preferences and select the ‘Security’ -tab (those were air quotes) there select Show Passwords. Unbelievable. Anyone, who has access to your computer for about 30 seconds without you watching, will be able to LOOK at your passwords and copy them. In the following video, I will demonstrate how this is done, in under 20 seconds:
Of course some websites don’t let you save the password, banking websites foremost. But the problem is that so many people recycle their password. Using the same password for banking and facebooking is not a good idea.
I haven’t been using Firefox for a while now but when I did, I used to recommend it to people. I don’t anymore.
–kristian
ps. Safari saves passwords, too, but it saves them in Keychain. Keychain database has AES 128 bit encryption on it making it not far from un-hackable. You can still access them, but you need to be authorized as the admin.
Comments
2 Comments so far. Leave a comment below.yet another reason why the un-mac-ness of firefox makes it suck.
I’d like to like Firefox. It’s a good thing there is good competition against IE on Windows side and also some variety on Mac side. But as someone whose name I can’t remember right now has said, ‘Firefox on Mac is only ever going to be as good as the Windows version, never better’. I’ve really liked Safari 3.0 beta, draggable tabs is a feature I’ve missed from Firefox. Improved ‘find’ has a really nice touch to it. And Inquisitor plugin is just great.