Closed Bug 271039 Opened 20 years ago Closed 20 years ago

Add support for "wallet.crypto.autocompleteoverride" to FireFox

Categories

(Toolkit :: Password Manager, enhancement)

Product:
Toolkit
Component:
Password Manager
Platform:
x86
All
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

()

Status:
VERIFIED DUPLICATE of bug 245333

People

(Reporter: jcm, Assigned: bryner)

Details

User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.0; rv:1.7.3) Gecko/20041001 Firefox/0.10.1 Firefox 1.0 does not honor the "wallet.crypto.autcompleteoverride" prefs that is currently supported by Mozilla as well as by Camino. There are references to this being due to Firefox not using "wallet", see bug #259441, Comment 5. This is a feature request to have Firefox 1.0+ honor this pref. Here are the reasons: a) Users migrating from various versions of Mozilla, Netscape, Phoenix, Firebird and so on may have this pref and expect it to be honored. b) Firefox 1.0 does NOT behave properly with saved passwords migrated from Mozilla when accessing a website that uses the autocomplete="off" setting, when the "wallet.crypto.autcompleteoverride" option was in use under Mozilla. See also bug #271038. b) Users should always be in control of what their browser does, ESPECIALLY with regards to security items. c) Ultimately, there is NO WAY to prevent an end-user from saving their passwords on their computer. There are multiple workarounds to this "security feature" including: 1) Bookmarklets 2) Third-party password managers 3) Alternative browsers 4) Extensions to Firefox 5) End-user modifying of binaries 6) End-user patching of source and recompiling of binary (Note that the same goes for banks "blocking" a browser, since it is trivial to modify the User Agent response a browser gives). This is not strictly about software, but about a critical aspect of software freedom and the Open Source movement. For an open source project to bow to the whims of banks for the sake of "market share" leaves a bitter and foul taste in ones mouth. Any financial institute foolish enough to think their liability extends to the users desktop needs to go back to school. Financial institutes, especially those wishing to comply with GLB, need to start implementing security that will REALLY make a difference, such as two-factor authentication, longer password lengths, dictionary checks and password expirations. Reproducible: Always Steps to Reproduce: N/A Actual Results: N/A Expected Results: N/A
*** This bug has been marked as a duplicate of 245333 ***
Status: NEW → RESOLVED
Closed: 20 years ago
Resolution: --- → DUPLICATE
What was the point of this? (rhetorical - don't answer). The other bug isn't even wontfixed (which wouldn't make it right but at least a little more understandable). v.
Status: RESOLVED → VERIFIED
Product: Firefox → Toolkit
You need to log in before you can comment on or make changes to this bug.