Safari 5 password manager
tightsocks
Mac Enthusiast
Join Date: Feb 2005
Jun 13, 2010, 01:33 PM
 
Someone should make a Safari 5 extension that is a very basic password manager.
Just basic manual store/fill of logins with storage in the keychain.

Safari can't remember/autofill logins for some sites that use non-standard forms and we need something to fill the gap!
     
besson3c
Clinically Insane
Join Date: Mar 2001
Location: yes
Jun 13, 2010, 01:44 PM
 
Originally Posted by tightsocks View Post
Someone should make a Safari 5 extension that is a very basic password manager.
Just basic manual store/fill of logins with storage in the keychain.

Safari can't remember/autofill logins for some sites that use non-standard forms and we need something to fill the gap!

Those fields probably have autocomplete disabled on them as a security measure at the HTML level. This should not be overridden. Check the source code for:

<input type="text" name="cc" autocomplete="off" />
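
An added example, not part of the post above or of any poster's code: one way to check a page's source for the setting described, reporting the effective autocomplete value of every fillable input (a field's own attribute wins, otherwise it inherits from its form, otherwise the default is "on"). The sample markup, the skipped-type list and all names are constructed for illustration.

```python
from html.parser import HTMLParser

# Constructed sample markup (not taken from any real site).
SAMPLE_HTML = """
<form id="login" action="/session" method="post">
  <input type="text" name="user">
  <input type="password" name="pass" autocomplete="off">
</form>
<form id="payment" action="/pay" method="post" autocomplete="off">
  <input type="text" name="cc" />
  <input type="text" name="note" autocomplete="on">
</form>
<input type="text" name="search">
"""

# Input types that browsers do not autofill with typed text (assumed list).
SKIPPED_TYPES = {"hidden", "submit", "button", "reset", "image",
                 "checkbox", "radio", "file"}


class AutocompleteAudit(HTMLParser):
    """Collect (form, field name, field type, effective autocomplete)."""

    def __init__(self):
        super().__init__()
        self.form_id = None      # None while outside any <form>
        self.form_setting = ""   # the enclosing form's autocomplete value
        self.fields = []

    def handle_starttag(self, tag, attrs):
        # Valueless attributes arrive as None; normalise them to "".
        a = {k: (v or "").strip() for k, v in attrs}
        if tag == "form":
            self.form_id = a.get("id") or a.get("name") or "(unnamed form)"
            self.form_setting = a.get("autocomplete", "").lower()
        elif tag == "input":
            ftype = a.get("type", "").lower() or "text"
            if ftype in SKIPPED_TYPES:
                return
            # Field attribute wins, then the form's, then the default "on".
            effective = (a.get("autocomplete", "").lower()
                         or self.form_setting or "on")
            self.fields.append((self.form_id or "(no form)",
                                a.get("name", ""), ftype, effective))

    def handle_endtag(self, tag):
        if tag == "form":
            self.form_id, self.form_setting = None, ""


def audit(html):
    """Return one tuple per fillable <input> found in the markup."""
    parser = AutocompleteAudit()
    parser.feed(html)
    parser.close()
    return parser.fields


if __name__ == "__main__":
    for form, name, ftype, setting in audit(SAMPLE_HTML):
        print(f"{form:10} {name:8} {ftype:9} autocomplete={setting}")
```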
     
Oisín
Moderator Emeritus
Join Date: Mar 2004
Location: Copenhagen
Jun 13, 2010, 01:56 PM
 
This should not be overridden.
Why not?

Storing your passwords is inherently unsafe, but it should be up to the user, not the site, whether to take the chance. Most sites I can think of where storing your password would be a really bad idea (like netbanking sites) use Java applets or something similar anyway, and thus provide security against password storage at a higher (or deeper?) level than just HTML.

Measures against password storage at the HTML level are fairly useless, in my eyes.
     
tightsocks  (op)
Mac Enthusiast
Join Date: Feb 2005
Jun 13, 2010, 01:59 PM
 
Already overriding the "autocomplete=off" tag with this extension.

We still need something that we can use to manually store/add/copy/paste items to the keychain easily from within Safari.

Forms like the drop-down login form at Twitter.com or the login form at Howardforums.com don't use "autocomplete=off"
     
besson3c
Clinically Insane
Join Date: Mar 2001
Location: yes
Jun 13, 2010, 02:21 PM
 
Originally Posted by Oisín View Post
Why not?

Storing your passwords is inherently unsafe, but it should be up to the user, not the site, whether to take the chance. Most sites I can think of where storing your password would be a really bad idea (like netbanking sites) use Java applets or something similar anyway, and thus provide security against password storage at a higher (or deeper?) level than just HTML.

Measures against password storage at the HTML level are fairly useless, in my eyes.

I suppose an extension that puts the onus on the user is fine with me, but I'm still a little wary of that. I can't count how many times I've used a public machine where a user forgot to log out of their email, there was some browser history which showed some pretty weird browser activity, there was a login form I could easily negotiate with autocomplete, whatever. At one of my last jobs we were fairly certain that there was a keystroke logger installed somewhere that was helping compromise accounts. It's bad enough when these sorts of things exist, but couple this with ignorant users or users cavalier about their own security, and I'm generally inclined to err on the side of security.

Put it this way, as a developer I like the autocomplete setting - I don't want to have to deal with compromised accounts, nor do I want to be associated with them in any way, no matter how remote the possibility.
     
besson3c
Clinically Insane
Join Date: Mar 2001
Location: yes
Jun 13, 2010, 02:24 PM
 
Originally Posted by tightsocks View Post
Already overriding the "autocomplete=off" tag with this extension.

We still need something that we can use to manually store/add/copy/paste items to the keychain easily from within Safari.

Forms like the drop-down login form at Twitter.com or the login form at Howardforums.com don't use "autocomplete=off"

I think autocomplete looks for the form names and/or CSS IDs of fields and completes them accordingly. It is probably best in terms of effectiveness not to tether autocomplete to particular pages since these pages may change, but I think if you were to design something like this, this is probably how it might best work.
     
turtle777
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Jun 13, 2010, 02:40 PM
 
Originally Posted by tightsocks View Post
Safari can't remember/autofill logins for some sites that use non-standard forms and we need something to fill the gap!
There *is* something to fill the gap. It's called 1Password.

-t
     
tightsocks  (op)
Mac Enthusiast
Join Date: Feb 2005
Jun 13, 2010, 03:22 PM
 
There *is* something to fill the gap. It's called 1Password.
1Password is overkill for my needs.

Need something lighter than 1PW, but which is secure (i.e. keychain) and always available (i.e. Safari extension/toolbar)...
     
turtle777
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Jun 13, 2010, 03:35 PM
 
LOL, overkill in what respect?

It does what you need it to do, and there is nothing else that compares.

-t
     
tightsocks  (op)
Mac Enthusiast
Join Date: Feb 2005
Jun 13, 2010, 04:00 PM
 
Originally Posted by turtle777 View Post
LOL, overkill in what respect?

It does what you need it to do, and there is nothing else that compares.

-t
It has many features that I don't want for my limited use and it also has some shortcomings that also make me unwilling to adopt it as my main password manager...
     
turtle777
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Jun 13, 2010, 04:07 PM
 
Originally Posted by tightsocks View Post
It has many features that I don't want for my limited use and it also has some shortcomings that also make me unwilling to adopt it as my main password manager...
Well, don't use the features you don't use.

What things are you missing?

-t
     
P
Moderator
Join Date: Apr 2000
Location: Gothenburg, Sweden
Jun 13, 2010, 05:25 PM
 
Originally Posted by besson3c View Post
Put it this way, as a developer I like the autocomplete setting - I don't want to have to deal with compromised accounts, nor do I want to be associated with them in any way, no matter how remote the possibility.
As a user, I dislike the autocomplete setting for three reasons. One is that it implies that your site is more important than my email, which strikes me as presumptuous, and the second is that such a password will just end up on a Post-it stuck to the screen anyway. The third is that it is part of the general trend of being too safe rather than convenient. This is like those bans on cell phones at gas stations in some countries, for fear that they might ignite fumes - I remove a big chunk of your convenience in the name of safety, because it protects me from potential harm and doesn't hurt me at all.

(sidenote: The cell phone ban is among the most absurd rules I've ever seen. Everyone and their grandmother has had a cell phone for 15 years at least, most countries do not ban them at gas stations, and there have been exactly zero accidents as a result. Hey, Mr. Regulator: Would you like me to draw you a picture?)
The new Mac Pro has up to 30 MB of cache inside the processor itself. That's more than the HD in my first Mac. Somehow I'm still running out of space.
     
besson3c
Clinically Insane
Join Date: Mar 2001
Location: yes
Jun 13, 2010, 07:57 PM
 
Originally Posted by P View Post
As a user, I dislike the autocomplete setting for three reasons. One is that it implies that your site is more important than my email, which strikes me as presumptuous, and the second is that such a password will just end up on a Post-it stuck to the screen anyway. The third is that it is part of the general trend of being too safe rather than convenient. This is like those bans on cell phones at gas stations in some countries, for fear that they might ignite fumes - I remove a big chunk of your convenience in the name of safety, because it protects me from potential harm and doesn't hurt me at all.

I don't understand the first argument. When a server is compromised it doesn't just affect the admins, it affects you too. When a webmail server is compromised by spammers it is used to send out ridiculous amounts of spam, which creates backlogs of queues, a less responsive interface, and most importantly, it puts the server on black/blocklists which affects all other users. If I've misunderstood your point, I apologize.

Do you put your passwords on post-it notes and attach these to public computers? Compromised accounts often occur at public machines, not always in homes that have some degree of physical security. I think this argument has more to do with enforcing long and complicated passwords or passphrases, and I actually agree with you on that - forcing longer and more complicated passwords trades off fewer support requests and user convenience for some amount of security, and even this is debatable when you are dealing with keystroke loggers, for instance.

As far as your third argument, I agree that there is a balance, but again, as a developer I would still prefer to keep a safe distance away from anything that may potentially compromise my systems. There are a number of places where people use public machines or machines that do not belong to them:

- waiting rooms (e.g. when getting your car repaired)
- internet cafés
- libraries
- computer labs
- a friend's or girlfriend/boyfriend/ex-girlfriend/ex-boyfriend's house

It is so easy to forget to log out, or you forget to switch your browser to private browsing mode, or whatever. Rule of software engineering: if you give your users a gun they will find a way to shoot themselves with it.
     
turtle777
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Jun 13, 2010, 08:15 PM
 
Originally Posted by besson3c View Post
Rule of software engineering: if you give your users a gun they will find a way to shoot themselves with it.
That's why I'm for password protected guns.

Oh, wait, never mind

-t
     
besson3c
Clinically Insane
Join Date: Mar 2001
Location: yes
Jun 13, 2010, 10:35 PM
 
sudo shoot --bullet
sudo shoot --rocket
     
AKcrab
Moderator Emeritus
Join Date: Apr 2001
Location: Wasilla, Alaska
Jun 13, 2010, 10:46 PM
 

(I know, it's been done to death, but it still makes me laugh.)
     
tightsocks  (op)
Mac Enthusiast
Join Date: Feb 2005
Jun 13, 2010, 11:30 PM
 
Originally Posted by turtle777 View Post
There *is* something to fill the gap. It's called 1Password.

-t
Just found lastpass.com
It is basically a free 1Password 'lite'. The form filling routines are almost exactly like 1Password's.
Still a bit overly complex for my needs, but it seems to do exactly what I'm looking for, i.e. autocomplete for sites with login forms that aren't handled by Safari.

And it's free...
     
turtle777
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Jun 13, 2010, 11:49 PM
 
Well, they say it's safe and that your data is encrypted and unreadable, but still, I'd be uncomfortable giving a website all of my passwords.

-t
     
tightsocks  (op)
Mac Enthusiast
Join Date: Feb 2005
Jun 14, 2010, 12:10 AM
 
Originally Posted by turtle777 View Post
Well, they say it's safe and that your data is encrypted and unreadable, but still, I'd be uncomfortable giving a website all of my passwords.

-t
In my case I'm only giving them a handful of less important logins.

It would seem however, that the entire security system rests on the security of the email account associated with the service.

If you can access that email then it would seem that you can reset the master password for the service.

They even offer two factor login support, but it can be turned off by anyone that can get access to the associated email account and click the confirmation link in the email!
     
besson3c
Clinically Insane
Join Date: Mar 2001
Location: yes
Jun 14, 2010, 12:23 AM
 
Originally Posted by tightsocks View Post
In my case I'm only giving them a handful of less important logins.

It would seem however, that the entire security system rests on the security of the email account associated with the service.

If you can access that email then it would seem that you can reset the master password for the service.

They even offer two factor login support, but it can be turned off by anyone that can get access to the associated email account and click the confirmation link in the email!

Unencrypted plain text emails cached to your local hard drive or stored on your hard drive, in the case of POP email accounts, that can be skimmed through by a simple grep command without requiring authentication, or in the hands of a third party whose data you do not own (in the case of GMail or the like)? I think I'm with Turtle...

Sensitive information in email = bad
     
tightsocks  (op)
Mac Enthusiast
Join Date: Feb 2005
Jun 14, 2010, 12:32 AM
 
I'm not absolutely positive about the password recovery procedure via email...
     
besson3c
Clinically Insane
Join Date: Mar 2001
Location: yes
Jun 14, 2010, 12:36 AM
 
Originally Posted by tightsocks View Post
I'm not absolutely positive about the password recovery procedure via email...
It's good that you are looking into it!
     
tightsocks  (op)
Mac Enthusiast
Join Date: Feb 2005
Jun 14, 2010, 12:42 AM
 
It would seem that you can disable two factor support via an email confirmation.

But there is no email reset for the master password.
https://lastpass.com/help.php?fromwe...&fromwebsite=1
     
Big Mac
Clinically Insane
Join Date: Oct 2000
Location: Los Angeles
Jun 14, 2010, 03:31 AM
 
Originally Posted by turtle777 View Post
Well, they say it's safe and that your data is encrypted and unreadable, but still, I'd be uncomfortable giving a website all of my passwords.
LastPass supposedly stores its files encrypted locally.

"The natural progress of things is for liberty to yield and government to gain ground." TJ
     
P
Moderator
Join Date: Apr 2000
Location: Gothenburg, Sweden
Jun 14, 2010, 03:50 AM
 
Originally Posted by besson3c View Post
I don't understand the first argument. When a server is compromised it doesn't just affect the admins, it affects you too. When a webmail server is compromised by spammers it is used to send out ridiculous amounts of spam, which creates backlogs of queues, a less responsive interface, and most importantly, it puts the server on black/blocklists which affects all other users. If I've misunderstood your point, I apologize.
I know that there are problems if passwords are compromised, my point was over the relative harm from a break-in. None of the major webmail services use that flag, as far as I know, so why should you for what is likely a less important site?

Originally Posted by besson3c View Post
Do you put your passwords on post-it notes and attach these to public computers? Compromised accounts often occur at public machines, not always in homes that have some degree of physical security.
But disabling password managers on a per-site basis does nothing to solve the "public machine in a lab" problem. It's possible to disable password managers on a per-computer basis in say a lab, and that's different, but that tag only means "I don't like password managers, so no one should use them".

Originally Posted by besson3c View Post
I think this argument has more to do with enforcing long and complicated passwords or passphrases, and I actually agree with you on that - forcing longer and more complicated passwords trades off fewer support requests and user convenience for some amount of security, and even this is debatable when you are dealing with keystroke loggers, for instance.
My pet peeve is not those rules, but rules about changing passwords at a certain interval. Everyone I know just appends a digit at the end and increments by one, not only defeating the purpose but actually decreasing net password security.

As for longer and more complicated passwords, I find that education works much better than rules. Some people combine this with dictionary attacks run by admins to weed out the worst passwords.

Originally Posted by besson3c View Post
As far as your third argument, I agree that there is a balance, but again, as a developer I would still prefer to keep a safe distance away from anything that may potentially compromise my systems. There are a number of places where people use public machines or machines that do not belong to them:

- waiting rooms (e.g. when getting your car repaired)
- internet cafés
- libraries
- computer labs
- a friend's or girlfriend/boyfriend/ex-girlfriend/ex-boyfriend's house

It is so easy to forget to log out, or you forget to switch your browser to private browsing mode, or whatever. Rule of software engineering: if you give your users a gun they will find a way to shoot themselves with it.
And all of this is fine, but the tag in question cannot possibly distinguish those situations. All it can do is disable password managers completely, which will only lead to the password being written down somewhere, which is much less secure.
The new Mac Pro has up to 30 MB of cache inside the processor itself. That's more than the HD in my first Mac. Somehow I'm still running out of space.
     
   
 