Closed Bug 988159 Opened 12 years ago Closed 12 years ago

Passwords easily hackable via developer console

Categories

(DevTools :: Inspector, defect)

Product:
DevTools
Component:
Inspector
Version:
27 Branch
Platform:
x86
Windows 8.1
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED DUPLICATE of bug 933223

People

(Reporter: amitjoki, Unassigned)

Details

User Agent: Mozilla/5.0 (Windows NT 6.3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.154 Safari/537.36 Steps to reproduce: STEP 1: Click the right button of the mouse on the password slot where the password is written. STEP 2: Click on the option inspect element in it. STEP 3: Developer Console Will Appear. STEP 4: Double click on the "password" written in the highlighted codes. Doing this "password" alone gets highlighted. STEP 5: Type "text" in place of "password" and click enter. STEP 6: Now you have the password written in asterisks or dots before in just plain text. Actual results: Passwords were visible in clear text Expected results: Changing the type of input of password shouldn't be allowed
Severity: normal → blocker
Group: core-security
Component: Untriaged → Developer Tools: Inspector
(In reply to amitjoki from comment #0) > Changing the type of input of password shouldn't be allowed Why? That's the whole point of using a developer tool, to be able to tinker with the page.
Severity: blocker → normal
Status: UNCONFIRMED → RESOLVED
Closed: 12 years ago
Resolution: --- → INVALID
Resolution: INVALID → DUPLICATE
Product: Firefox → DevTools
You need to log in before you can comment on or make changes to this bug.