passwords should be stored for host+path and not just host
Categories
(Toolkit :: Password Manager, defect)
Tracking
()
People
(Reporter: securifirm, Unassigned)
References
Details
(Whiteboard: [see comment #7 before adding a new comment])
Comment 1•20 years ago
|
||
Reporter | ||
Comment 2•20 years ago
|
||
Comment 3•19 years ago
|
||
Comment 4•18 years ago
|
||
Updated•18 years ago
|
Comment 5•18 years ago
|
||
Comment 6•18 years ago
|
||
Comment 7•18 years ago
|
||
important |
Comment hidden (advocacy) |
Assignee | ||
Updated•16 years ago
|
Comment hidden (me-too) |
Comment hidden (me-too) |
Comment 18•16 years ago
|
||
Reporter | ||
Comment 19•16 years ago
|
||
Comment 20•16 years ago
|
||
Comment hidden (advocacy) |
Comment hidden (advocacy) |
Comment hidden (advocacy) |
Comment 26•16 years ago
|
||
Comment hidden (advocacy) |
Comment 28•16 years ago
|
||
Comment 29•16 years ago
|
||
Comment hidden (advocacy) |
Comment 31•16 years ago
|
||
Comment hidden (advocacy) |
Comment 33•16 years ago
|
||
Comment 34•16 years ago
|
||
Comment hidden (advocacy) |
Comment hidden (advocacy) |
Comment hidden (advocacy) |
Comment hidden (advocacy) |
Comment hidden (advocacy) |
Comment 41•16 years ago
|
||
Comment 42•16 years ago
|
||
Comment hidden (advocacy) |
Comment hidden (advocacy) |
Comment 49•16 years ago
|
||
Comment hidden (advocacy) |
Comment hidden (advocacy) |
Comment 55•14 years ago
|
||
Comment 57•13 years ago
|
||
Comment 58•13 years ago
|
||
Comment 59•10 years ago
|
||
Comment 60•10 years ago
|
||
Comment 62•10 years ago
|
||
Comment 63•10 years ago
|
||
Comment 64•10 years ago
|
||
Comment 65•10 years ago
|
||
Comment 66•10 years ago
|
||
Comment 67•10 years ago
|
||
Comment 68•10 years ago
|
||
Comment hidden (advocacy) |
Comment hidden (advocacy) |
Comment hidden (advocacy) |
Comment hidden (advocacy) |
Comment hidden (advocacy) |
Comment hidden (advocacy) |
Comment hidden (advocacy) |
Comment hidden (advocacy) |
Comment hidden (advocacy) |
Comment hidden (advocacy) |
Comment 79•9 years ago
|
||
Comment hidden (advocacy) |
Comment 81•9 years ago
|
||
Comment 82•9 years ago
|
||
Comment hidden (advocacy) |
Comment 85•9 years ago
|
||
Comment hidden (advocacy) |
Comment 87•9 years ago
|
||
Comment 88•9 years ago
|
||
Comment 89•8 years ago
|
||
Comment 90•8 years ago
|
||
Comment 91•8 years ago
|
||
Comment hidden (advocacy) |
Comment hidden (advocacy) |
Comment hidden (advocacy) |
Comment 96•7 years ago
|
||
Comment 97•7 years ago
|
||
Comment 98•7 years ago
|
||
Comment 99•7 years ago
|
||
Comment 101•7 years ago
|
||
Comment hidden (advocacy) |
Comment hidden (off-topic) |
Comment hidden (off-topic) |
Comment hidden (off-topic) |
Comment 106•6 years ago
|
||
Comment hidden (advocacy) |
Comment 108•6 years ago
|
||
Comment hidden (advocacy) |
Comment 112•5 years ago
|
||
+1 for host+path password management. Certainly there are ways to keep it accessible to all users and avoid confusion. Suggestion:
-
If a new username was used in a particular domain, FFox stores it+path, but keep auto-completing on all paths (current behavior);
-
If the same username with different password is used on another path, FFox ask to UPDATE the current user password or to STORE THE NEW PASSWORD only for this specific path.
There are many cases where it is useful, like service providers that offer multiple services on the same domain, with same username and different passwords, ex:
https://myitside.com/webmail/
https://myitside.com/controlpanel/
https://myitside.com/emailmarketing/
https://myitside.com/phpmyadmin/
https://myitside.com/billing/
Comment 113•5 years ago
|
||
Is @kizorr's suggestion also one that would break the browser usability?
Comment 114•5 years ago
|
||
This isn't a case that's a priority to support as we don't want to encourage the behaviour of having different realms on the same subdomain. Please use separate subdomains if the password for a given username is different. There are many potential security issues allowing login theft from the different directories on the same domain.
(In reply to brunoais from comment #113)
Is @kizorr's suggestion also one that would break the browser usability?
Yes, because for the 2nd bullet the user now has to choose between Save or Update adding UI complexity.
Comment hidden (advocacy) |
Comment 116•3 years ago
|
||
I do agree with nikö comment #115, although his choice of words might be a bit inappropriate. Most web services nowadays like to do their own user credentials management. This is even more so in containerized deployments that is so popular today. When someone installs several such services and doesn't want to (or cannot) run his own dns server to create subdomains for them, the user of such services is confronted with inferior user experience. One could argue that the user should use the same password for all services on the same domain, this is not always convenient or desirable.
For instance I have a grafana server and a webmail service on my raspberry pi. These are totally independent and moreover the webmail uses the credentials of the imap server is proxies, which does not run on the same host. I think it would be great if firefox could manage the passwords for these services as independently as the services are. Using the strategy kizorr comment #112 suggests should not hamper user experience people expect and allow to manage passwords per service as needed.
I know that other browsers (~google chrome) don't have this capability either. This is a great opportunity for mozilla to give Firefox some added value it deserves and gain some market share again.
Comment 117•2 years ago
|
||
I'm surprised this (somewhat obvious) solution hasn't been presented yet:
Add an attribute to the login form html element, the attribute indicating the domain or sub-site the login / password is pertaining to. This should also be a CSS tag so that site-managers can add it to older apps which only support (or make it easier) changes to CSS.
For instance, on mysite.org/admin
you might have:
<form class="login-page" action="/admin/auth.php" method="post" name="userlogin"
autharea="mysite.org/admin">
...
</form>
For a CSS attribute, I propose (out of relative ignorance of mozilla css tag conventions): -moz-form-autharea
Alternatively, and perhaps for ease of implementation, the hint could be in the password field input element or part of its class.
<input id="wpPassword1" name="wpPassword" size="20" class="loginPassword mw-ui-input" placeholder="Geben Sie Ihr Passwort ein" tabindex="2" required="" autofocus="" type="password"
autharea="mysite.org/admin">
This would also solve related issues of several domains and hostnames sharing the same login credentials (when SSO is not used), such as bugzilla.mozilla.org
and hacktheworld.mozilla.org
.
Comment 118•2 years ago
|
||
Looking at WWW-Authenticate, a better choice for the tag is simply realm
. Assuming there is no conflict there, I would recommend then it be associated with the <input type=password>
tag:
<input type=password realm="mydomain/application1">
and
-moz-authentication-realm: mydomain/application
Comment 119•2 years ago
|
||
Apparently, I left my security cap in the shower today. The above solutions can end up being very very dangerous :(
Description
•