208358 - Passwords are stored server wideAllow option for "never save password" to be applied to individual page instead of entire domain.

Status: RESOLVED DUPLICATE of bug 131913

(SeaMonkey :: Passwords & Permissions, enhancement)

Description

[Robin E. Hall]

User-Agent:       Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Opera 7.11  [en]
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.3.1) Gecko/20030425

When I use this for a page where we access account information, when I log onto 
the first page and save my username and password, it tries to put my username 
and password in our clients username and password fields when looking customers 
up. This can be resolved by telling it to never save passwords on the first page 
but if a person who works here puts their username and password in and tells it 
to save it, then the customers they update inadvertantly get changed and this 
can cause a great deal of grief for the customers and us. 

Reproducible: Always

Steps to Reproduce:
1.Save passowrd on the first page of given website
2.pull up customer information
3.their information is changed to yours

Actual Results:  
the customer information is corrupted

Expected Results:  
THe password should be saved on the log in page of the website only

Comment 1

[Jason Barnabe (np)]

What given website?

Comment 2

[Robin E. Hall]

This is an internal page on our netowrk. Will be be helpful if I posted source
for the pages having problems?

Comment 3

[Michiel van Leeuwen (email: mvl+moz@)]

There are also websites where you can log on from multiple pages. So the
password manager will fail on those sites once we fix this bug.
We jsut need to make a choice. We can't have both.

Comment 4

[Jason Barnabe (np)]

"Password Manager will never save login information for the the following sites:"

So isn't it by site? If I said never to save at http://www.foo.com/foo1.html,
doesn't that mean it won't save at http://www.foo.com/foo2.html? If not,
couldn't that be an option?

Comment 5

[Robin E. Hall]

isn't there a way to make a choice when you go to save a password to save it on
just that page or server wide? I think that would be a pretty good resolution to
making the choice.

Comment 6

[Robin E. Hall]

Yes I can say not to save it for that site on my computer but I am trying to get
the company that I work for to implement Mozilla for internal purposes. We have
a lot of people working here and to trust that noone will save passwords on that
site and thus not corrupt customer passowrds may be a bit daunting. 

Comment 7

[Jason Barnabe (np)]

My comment #4 and your comment #5 are saying the same thing, Robin: an option to
not save on the entire site (server) instead of on the single page (what it's
doing now).

Confirming. I suggest the title be changed to 

Allow option for "never save password" to be applied to entire domain instead of
individual page.

Or something like that. That would also make this an 'enhancement' in the
severity box.

Comment 8

[Michiel van Leeuwen (email: mvl+moz@)]

The "never save password" does apply to the whole domain. So does the saved
password.
The request of this bug, as i understand it, is to let the password only apply
to one page.

Comment 9

[Robin E. Hall]

Exactly I want it to just apply to the first page on the server. 

Comment 10

[Jason Barnabe (np)]

OK, sorry, got that backwards. I just have experience where it's not stored
server wide, so that's why I thought it was that way.

Comment 11

[Jason M. Abels]

Updating summary per bug reporter's suggestion and comment #7. This is an RFE,
changing that status too. 

Summary changed from "Passwords are stored server wide" "Allow option for "never
save password" to be applied to individual page instead of entire domain.

Comment 12

[Jason M. Abels]

And anyway, this is a dupe of bug 131913

*** This bug has been marked as a duplicate of 131913 ***