Closed
Bug 302467
Opened 19 years ago
Closed 2 years ago
Pre-fill the username just attempted after HTTP authentication fails
Categories
(Toolkit :: Password Manager, enhancement, P5)
Toolkit
Password Manager
Tracking
()
RESOLVED
DUPLICATE
of bug 227632
People
(Reporter: KlausRusch, Unassigned)
Details
(Whiteboard: [passwords:http-auth])
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.10) Gecko/20050716 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.10) Gecko/20050716 Currently when the authentication with the stored userid and password fails (that is, the server does not accept the presented credentials) Mozilla clears both the userid and password fields. Mozilla should only clear the password field and let the user choose another password, but remember the userid, which is most likely unchanged. Reproducible: Always
Updated•18 years ago
|
Assignee: dveditz → nobody
This has seen no action since 2005-07-28. Please note, that currently some sites use cookies to save the username entered and you are redirected to an "incorrect login" page to try to login again. Currently, password manager will store the username and password, even if incorrect. However, if the site is coded to do redirect to another page, password manager will see this as another site. I have tested multiple login sites. Some save the username, some let password manager fill in the username and password, and some clear both fields. It depends on the sites individual security policy implementation for incorrect logins. Since this bug has received no action in almost two years, I am resolving it as WORKSFORME.
Status: UNCONFIRMED → RESOLVED
Closed: 17 years ago
Resolution: --- → WORKSFORME
Reporter | ||
Comment 2•17 years ago
|
||
I assume from your comment that you are referring to userids and passwords in input (text and hidden) fields, whereas I was referring to basic authentication, where the site has no control over how Mozilla stores userid and password information. For basic authentication prompts, Mozilla does clear both userid and password when the credentials are no longer valid.
Status: RESOLVED → UNCONFIRMED
Resolution: WORKSFORME → ---
Updated•14 years ago
|
Component: Passwords & Permissions → Password Manager
Product: SeaMonkey → Toolkit
QA Contact: password.manager
Comment 3•10 years ago
|
||
I confirmed we still don't remember the username that was attempted but I also don't know if it's a good idea to fix this since users may think that it's implied that the username was correct when it may have actually been the only problem.
OS: Windows XP → All
Hardware: x86 → All
Summary: Feature request: Remember userid even when authentication fails → Pre-fill the username just attempted after HTTP authentication fails
Updated•8 years ago
|
Whiteboard: [passwords:http-auth]
Updated•6 years ago
|
Priority: -- → P5
Comment 4•5 years ago
|
||
Given the point made in comment #3 - we dont know if it was the username or password which was wrong - do we actually want to do this at all? My vote is wontfix, I don't see the value. A better fix/mitigation might be offering a menu of saved logins for this origin+realm (bug 227632)
Updated•2 years ago
|
Severity: normal → S3
Updated•2 years ago
|
Status: UNCONFIRMED → RESOLVED
Closed: 17 years ago → 2 years ago
Duplicate of bug: 227632
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•