Closed Bug 487227 Opened 15 years ago Closed 15 years ago

Save password for directories in a domain separately

Categories

(Toolkit :: Password Manager, enhancement)

Product:
Toolkit
Component:
Password Manager
Platform:
x86
Linux
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 263387

People

(Reporter: andy, Unassigned)

Details

User-Agent:       Mozilla/5.0 (X11; U; Linux i686; en-GB; rv:1.9.0.7) Gecko/2009030422 Ubuntu/8.10 (intrepid) Firefox/3.0.7
Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-GB; rv:1.9.0.7) Gecko/2009030422 Ubuntu/8.10 (intrepid) Firefox/3.0.7

If I have say 3 subdirectories on a website and each is password protected, can you please make Firefox save the passwords separately.

E.g. if I have 
www.site.com/dir1
www.site.com/dir2
www.site.com/dir3

If I then goto "http://www.site.com/dir1" , I don't want to see the passwords saved for "dir2" and "dir3". right click -> view page info ->  Security -> Saved passwords 

It basically only shows the main domain name... so you can't drill down to the directory / folder level.

It just makes auto filling of passwords easier.

Reproducible: Always
Passwords are stored based on the names of the username/password fields, the "realm" (protocol + host + port), and the form's action URL.  While it's true that you can see them all in the password manager listing, they shouldn't be offered to you as auto-complete options unless all of those things match, which seems unlikely for the scenario you describe.

So I understand this bug to be an enhancement request, asking for a way to further filter down the list in the password manager, not as a bug report complaining that password manager is offering the wrong passwords as auto-complete options.  Is that right?

Moving to password manager component. This might be WONTFIX since it involves changing the way passwords are stored and migrating existing password stores for the purpose of enabling some relatively niche functionality that might be better served by an extension.  Still, I'll leave that to Dolske, as lord high ruler of password management.
Component: Security → Password Manager
Product: Firefox → Toolkit
QA Contact: firefox → password.manager
(Andy - hope that didn't come off as dismissive, I appreciate you bringing the idea up.  It's automatic to start thinking through the implementation issues of something like this, but I always appreciate people trying to make Firefox better. Thank you for that.)
Hi Johnathan

Thanks for the quick reply... Its great to see you guys check this list and have one kick ass product in FireFox !!

I would guess it would mean a rewrite of how passwords are stored etc, and you are right an extension might be the better option.

I will give you my exact example, but only on tuesday, to see if that is easily do-able.

Cheers
Andy
This is covered by an existing bug, which unfortunately won't be fixed because it would end up causing other problems. See the rationale in 263387.
Status: UNCONFIRMED → RESOLVED
Closed: 15 years ago
Resolution: --- → DUPLICATE
You could make the "per form storage" an option for a domain, to make it backwards compatible...

I use a domain which hosts 2 separate application. Login to first application is at:
http://site.com/application1
login to second application is at:
http://site.com/application2

My login credentials are different for both applications, but firefox sees these login forms as one. When I store my credentials on form 1 and try to log in with form 2, firefox is sending my login credentials for applicaation 1 to the application 2. 

THIS IS A SECURITY RISK. PLEASE FIX.

Not talking about the fact that in cases like this I'm not able to to use the "store credentials feature" at all, because I don't know if the credentials currently saved are for application 1 or application 2...
You need to log in before you can comment on or make changes to this bug.