Closed Bug 16086 Opened 20 years ago Closed 20 years ago
prompted to have browser remember my password even tho no pw
After submitting my second bugzilla query I see the following message prompt: "For your convenience, the browser can remember your user names and passwords so you won't have to re-type them in the future. Your passwords will be obscured before being saved on your hard drive. Do you want this eature enabled?" I find this prompt very confusing for the following reasons: * I didn't enter a user name or password on that form * the use of the term "obscured" seems like it might need more explanation or another term should be used. Feature Request: I shouldn't see this prompt unless I had a password input field or the message should change to be clearer of the feature being enabled when there isn't a "user name and password"
I tried this and did not get the message. But I am running on a windows box. Paulmac, can you try this on your mac and see if you are able to reproduce the problem. Thanks.
This behaviour does happen on Windows - observed on M10 on both 95 and NT, and M11 build 1999101109 on NT - but only the very first time bugzilla is visited after a fresh install. Given the nature of this behaviour, it almost certainly affects All OS. Comments: Strictly, this doesn't look like a bug, it seems to work as designed. I'm not as sure as email@example.com is that the behaviour is completely unwanted, but I agree that the UE could be improved. A better time to ask for a password for identifiers and credentials would be while setting up a profile. The same password could be used for protecting all stored autofill/wallet data. Asking for this password at profile creation time would be less of an intrusion, and would find the human in a mindframe more congruent to setting and either remembering or writing down a password. For this reason, I would advocate adding an interface for this type of password to the Preferences. Both a [Set Password] and a either a [Don't remember anything!] or a [Forget Wallet Entries] button would be needed... unless anyone would advocate having the forgetful human be prompted to enter a password to recall the password for a site, repeatedly, only to have to cancel the prompt for the password for the password every time... and then have to enter the site's password each time. With that scenario, the "For your convenience..." and password-setting dialogs would interrupt the first form submission only if that section of the Profile Wizard was skipped entirely during profile setup. At the same time, it would be less jarring to see a "Do you really want to use a blank password?" dialog than to see a "Confrim Password" dialog after clicking [OK] to a blank set-password dialog, for anyone, and especially newbies. I'd guess that, as with many optional security measures, a plurality of users won't bother setting a password for this purpose.
I can't believe this is happening -- it definitely works for me. I started off by wiping out my profile directory and my mozregistry.dat file. Then I entered the browser. I get the profile-creation window and enter a profile name. Then the browser come up. I go to buzilla.mozilla.org. I select the "query" link. Fill in a query and submit it. At this point I get the following one-time-only dialog which is to be expected: "You can save information that you enter on forms and later automatically prefill that information on other forms. To save such information, select edit/wallet/capture from the menu while viewing the form." The bug report says that the bad message (about remembering usernames and passwords) occurs on the *second* query so I go back to the query form and submit it again. I absolutely do not get a dialog. sidr, are you sure you are seeing the dialog that brade complained about? Or are you seeing the good dialog as I quoted above. As I said, this good dialog is what we expect and is the intended behavior of the product. Regarding your suggestion about setting up the database password at profile-creation time, this had been considered. In fact, I was going to use the same password that the user selected for his profile. Then the profile people decided not to solicit a password to protect the profile. So that left me high and dry and I had to do our own soliciting for the password. Your other suggestion of putting password options into the preferences is not a good idea. Only power users ever go to the preference panel so the average (novice)user would never discover it. Don't be too concerned about the second dialog asking for password confirmation. That is just temporary. It is anticipated that the dialog people will be giving us a single dialog with two password fields and we won't have to use the back-to-back dialogs in the final product. So, dismissing the several request-for-enhancement issues mentioned in this bug report, let us focus on the bug itself. Paulmac, can you verify that we are really getting the "bad" dialog when submitting a bugzilla query? On the mac? On all platforms? And why am I not seeing it?
morse, no, as I stated, I see the "For your convenience" once only after saving the default profile for each build/OS combo, and yes, I always kill mozregistry.dat. To eliminate another possibility, I tried, with a fresh M11 build 1999101109 on NT, going to another site with a login, first, and then to bugzilla. The "For your convenience" dialog does seem to come up only once ever, not once per site. I think I may see what's bothering him, though, and it is vaguely unsettling to me too. After the "For your convenience" dialog, the two "save password for this database" dialogs do not immediately follow, but come AFTER the "Do you want to save ... for this form" dialog. I think the relevant principle here is finishing one interrruption before continuing with another. Carefully reading brade's original report, I'm not sure that he ever saw a bug (just a behaviour he considered broken as designed). Here's why: it is possible to submit and view results from an arbitrarily large number of bugzilla queries without ever logging in to bugzilla. Secondly, I'm not sure brade didn't mean the form generated by show_bug.cgi when he says that he didn't enter a username or password on "that form" - after all, while the bugzilla login is a form, any form with just a username and password field doesn't really feel like a form. So his second bugzilla query could easily have been his first bugzilla login. Note also that he does not actually say that he saw the "For your convenience" dialog twice. As for my preference for capturing such a password at profile-creation time rather than at the first site login, my perspective is ISP tech support calls: this sounds like exactly the kind of pop-up dialog that gets clueless newbies to call all anxious wondering if they dare even touch their computers after "this strange message came up." I kid you not. You can see how this could happen if a fifty-something gets their kid to install the browser, and the kid isn't around later. But even if a newbie is doing their own install, a dialog in the profile wizard would be just part of the process, not a startling intrusion. That said, I won't say any more about this until after shipping, but I promise you that if I take one of those calls about that dialog, I'll submit a bug report! One final thing: in the "Do you want to save the username and password for this form" dialog, the two options are [OK] and [Cancel]. [Yes] and [No] would be more natural by far, and not give the vague impression that clicking on anything but [OK] may not accomplish the site login (I used the word clueless above for a reason).
sidr, First, I should mention that brade is Cathy Brade, so it's "she" and not "he". But of course you had no way of knowing that. Second, let's not cloud the issue with requests for enhancements (which should be put into separate bug reports) but stick with the bug. There are two different informative dialogs and each occur once per the lifetime of the browser (actually the lifetime of the prefs.js file because that's how we keep track of the fact that the dialog was issued). One dialog tells about remembering usernames and password ("For your convenience ...") and the second about saving information on forms ("You can save ..."). Cathy reported that she got the "For your convenience..." dialog when submitting a non-password form. If that really happened, it is a bug. She should have gotten the "You can save..." dialog.
Status: ASSIGNED → RESOLVED
Closed: 20 years ago
Resolution: --- → WORKSFORME
Since I'm seeing that this is working for me, and since nobody has posted anything to the contrary in the past few days, I'm closing this out as works-for-me. If I'm wrong and anybody is still seeing this symptom (namely one-time remember-password message occuring when submitting a non-password form), please re-open this bug report.
Sorry I haven't been able to respond here until now (I've been busy with the key event synchronization stuff). The day I filed this bug, I saw the two dialogs (on separate page loads). I got the "You can save..." dialog after the first page load. I got the "For your convenience..." dialog on the second page load when I submitted the bugzilla query (a non-password form). I do think I saw a bug; I'll try to reproduce.
Marking Verified as WorksForMe per above comments. Old bug, have not seen on this weeks build. Please reopen bug if this happens again. Thanks!
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.