Closed Bug 145797 Opened 23 years ago Closed 23 years ago

[rfe] Way to force the use of password manager despite site "opt out" with autocomplete=off

Categories

(SeaMonkey :: Passwords & Permissions, enhancement)

Product:
SeaMonkey
Component:
Passwords & Permissions
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED WONTFIX

People

(Reporter: nick, Assigned: morse)

Details

Tthere should be a way of *manually* forcing a password to be saved. I guess that banks have problems with the automatic activation of the pw manager. I'm talking of a context menu.. like.. "force the use of password manager to store this password". And there could be a warning "This site has requested the password to be handled with special care. Are you sure you want to store the password in the pw?". It's my computer and I have to have the final decision on what goes into the password manager.
*** This bug has been marked as a duplicate of 124065 ***
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → DUPLICATE
Uh? That bug was about adding a preference to automatically save all passwords (when there's a master password). This bug is about an UI option for manually overriding and force the use of pw manager.
Status: RESOLVED → REOPENED
Resolution: DUPLICATE → ---
I would agree that such a facility is needed -- there is no convenience benefit in having a web password autocompleted if you have to first enter a password in order to do so! (If you had multiple login forms / difficult to remember passwords, then there would remain an advantage, but I doubt this is the usual case.) An override UI would make this more logical. (Not to mention that a user should ultimately be able to do this if they really wish, especially when "autocomplete=off" is abused by sites such as Yahoo...)
This isn't a perfect solution, but here's a 'bookmarklet' that you can use to 'fix' an offending page. Once it's fixed once and the password is saved, Mozilla will autofill it just fine each time in the future. The javascript to put into a bookmarklet is: javascript:(function(){var x,i; x = document.forms; for (i = 0; i < x.length; ++i) x[i].setAttribute("autocomplete","on"); alert("Changed " + x.length + " forms to use autocomplete. After submitting a form from this page, you should be able to save the password."); })(); I hope that gets saved okay... It all has to be on one line, and you put it into a bookmark on your personal toolbar. Click it when you're on a financial (or yahoo mail) page, and it'll 'fix' any forms on the page to be autocompletable. If it didn't save properly, then go to http://www.vixen.com/bookmarklet.phtml and do as it bids. This fixes it 'enough' for me to no longer worry about a source fix, but for users wanting something simpler, they may need a more internal solution. -- rh
I also wrote a bookmarklet that does the same thing: http://www.squarefree.com/bookmarklets/pagelinks.html#remember_password. Mine also removes onsubmits, which is necessary for Yahoo Mail but not for other sites that ask Mozilla to disable password manager.
This bug should be wontfix. If fixed, it would cause many banks, financial institutions, and web sites to block Mozilla. If you don't like how the site works, then don't go there. If you want to hack around with Mozilla, or create a bookmarklet, go ahead. That's your own deal.
Let's clarify what this bug is all about. Comment 2 says > Uh? That bug was about adding a preference to automatically save all > passwords (when there's a master password). This bug is about an UI > option for manually overriding and force the use of pw manager. Now that's two separate issues. Namely 1. have a pref to override autocomplete=off when not using encryption (there already exists such a pref when using encryption) 2. have a UI to access that pref. This bug report is about the pref only. If you want a UI for it, then open a separate bug.
Status: REOPENED → ASSIGNED
Well, my original intention when reporting this bug was to have a manual way to force a one-time use of the pw manager. Example: No pref changed, you go to Yahoo and the password is not saved because autocomplete=off is there. The user right-clicks in the form and gets a menu option saying: "Force saving this password despite server choice". He might get a confirmation window informing him of the situation: "This site has stated that the password must be handled with great care. Saving the password into the Mozilla's password manager have the following implications.... blah blah [Save the password] [Don't save it]".
OK, now that you've clarified this, this bug wont get fixed. It would cause all the financial sites to pull the plug on the browser. I've opened bug 154825 to do what I thought you were asking for. That one has a chance of really being implemented.
Status: ASSIGNED → RESOLVED
Closed: 23 years ago23 years ago
Resolution: --- → WONTFIX
I don't think so. Banks disable autocomplete because in Explorer it's activated by default, and by default everything get saved (coupled with users clicking ok in every dialog-box they see). If you've been to an internet cafe you know what I'm tlaking about, you often see that Explorer has saved other people passwords. This feature would be invisible to those naive users.
Why would banks block Mozilla if you can do it manually, but don't block Mozilla if you can do it automatically. This sounds like FUD. pi
*** Bug 270321 has been marked as a duplicate of this bug. ***
Product: Browser → Seamonkey
You need to log in before you can comment on or make changes to this bug.