Require password confirmation to perform actions of consequence


Status Graveyard
Admin/Editor Tools
10 years ago
2 years ago


(Reporter: Cameron, Unassigned)





10 years ago
Looking at Bug 374978 it's a security concern that you can remain logged in to AMO and thus other people could use your account if you forgot to logout on a public computer.

I propose that to perform some specific tasks or consequence (eg. pushing add-ons to public, approving add-on updates, perhaps some things in the Admin CP) you should need to re-enter your password. 

However it should not be required for everything in the developer/editor/admin CP, as that would get tedious and encourage people to use shorter, less secure passwords.

The impact of a compromised editor/admin account is so much more now than it was 3 years ago...

Comment 1

10 years ago
How about just a checkbox on the login page for if you're at a public terminal and then be more aggressive if they are?  (or maybe do the extra creds prompting for everyone and even more extra for public term ppl?)

Then you just have to figure out how to make people actually use the checkbox :-)
Maybe if it's an IP that's not logged in to AMO in the last 2 weeks (subject to tweak) default the checkbox to on.
Use a checkbox "remember me". But by the way, the problem should be more at the add-on developer side where people which limited access to internet are more likely to find. Is there any amo editor which reviews add-ons with a public pc? Does Mel Reyes work from home (he does many reviews in the day time)? If yes, I guess everyone does currently the reviews from home.

Comment 3

10 years ago
(In reply to comment #2)
> Use a checkbox "remember me".

Yeah that's how it's implemented:
We already do prompt for the password in the most secure admin areas. If this were to be implemented, I think it should be once every browser session. So we still set the cookie we did before, and when that cookie is gone, we prompt for password in certain areas to reset the cookie. But the 2 week login cookie is still there the whole time and valid for non-important things.
Ever confirmed: true
we already do this when changing passwords and secure admin pages.  If you don't want to remain logged in, don't check the box when logging in and close the browser when you're done.
Last Resolved: 9 years ago
Resolution: --- → WONTFIX


2 years ago
Product: → Graveyard
You need to log in before you can comment on or make changes to this bug.