found while using branch/pr2/comm bits on winNT [2000.08.01.04-m17]. 0. make sure you have password data that's been saved, as well as signon info for which you had entered "Never for this Site." that way you can see data under the tabs for "Passwords Saved" and "Passwords Never Saved" in the Stored Passwords dialog. 1. select Tasks > s-p > Password Manager > Clear Stored Data. 2. click OK in the resulting dialog to clear the data. 3. verify by opening the Stored Passwords dialog. results: there are no entries in the "Passwords Saved" tab (expected), but there are still entries in the "Passwords Never Saved" tab. i would expect that clearing the data will clear *both* saved password info, as well as the sites for which you never want to save passwords. (after all, saved form data is also removed via Clear Stored Data.) whether or not passwords are themselves saved, Clear Stored Data sounds broad enough to me to encompass password, site and form info. vera/matthew, what are your thoughts?
I'm wondering why `Clear Stored Data' is a menu item at all. Surely it's not going to be used nearly often enough to deserve a place in the menus. It should be a button in the Password Manager dialog instead.
I actually expected that this item removes only one's stored user names, passwords, and other sensitive information (from Form Manager). Maybe it should read, "Clear Saved Sensitive Information." Removing it from the menu and putting it in the dialog might be a good idea. Perhaps it *should* be less accessible -- because if a user choses this accidently, he or she could be in for a really hard time. (Particularly if he or she has a poor memory!)
matthew/verah, i've filed bug 47329 for requesting to get Clear Stored Data into a dialog and off the menu... the issue here in this bug is that all the data i'd expect is not removed. :-)
Wait -- let me explain why this should work as it currently does and not be changed. First, the removing of stored password data could always have been done from the password-manager dialog by pressing the remove-all button. So why then do we have this as a separate menu item and why does it remove password data as well as form data? Simple. Because if the user has his data encrypted and then forgets his master password, he is dead. There is no way for him to remove the data and start over. This is the purpose (and the only purpose) of the remove-data menu item. So should it remove the stored sites as well. No. The user can always remove the sites by himself by going to the password-manager dialog. It was the loss of master password to the encrypted data that was hurting him. The stored sites are not encrypted. As far as a user pressing it by accident, we already take care of that. He is warned that all his data is about to be lost and is given a chance to cancel if he didn't mean to do that. Closing this out as invalid.
In that case, the wording should be narrowed to `Clear Stored Passwords', shouldn't it?
It's more than just passwords -- it's wallet data as well. Anything that would be encrypted if encryption was turned on. If you want to propose a wording change that would encompass that, feel free to do so. Perhaps vera's proposal of "clear stored sensitive information".
how about "Clear Saved Data"?
We're calling what the Password Manager stores "sensitive information" in other places, and I'm hoping to stick with one term. We chose "sensitive information" because it makes the user think more about security and whether or not encryption should be turned on... etc.
I just changed the menu items so that they say "sensitive information" instead of "stored data".
vrfy... though i'd like to describe this in the documentation so that users don't get confused. blake et al., d'you think this feature is clear enough, or should a bug be filed (where bug 48860 is dependent) for further UI clarification? (i understand that such a change might occur post-rtm, but i thought i'd ask here before i forget. ;)
> Simple. Because if the user has his data encrypted and then forgets his master > password, he is dead. There is no way for him to remove the data and start > over. This is the purpose (and the only purpose) of the remove-data menu item. That's still not a good reason to put this in the menu rather than the dialog. What should happen, in an ideal world, is this: * I select `Tasks' > `Wallet' (which replaces the Forms Manager, the Password Manager, and the Security Manager) * I get shown a dialog asking for my master password * I don't know my master password, so I just click `Ok' * I get presented with a Wallet window where no data is shown (because I didn't enter my password) * I click the `Delete All ...' button * I get shown an alert, warning me of what exactly will be deleted * I click `Continue', and stuff gets deleted. That whole forms/passwords submenu is so muddled that I've probably got one or two things wrong there, so I'm probably not the best person to file the bugs to make all that happen. (Blake? Sarah?)