

Does it bug anyone else
June 28, 2000 12:38 PM

Does it bug anyone else that if you have a MetaFilter account with cookies enabled, it automatically enters your password (which can be read in view source)???
Personally I think this is a very bad thing, as I've visited metafilter at the library a few times..
posted by Bane (15 comments total)

 
Of course it bugs me. But I'm one of those 'privacy advocate' people. It is nice to be able to get my password so easily when I forget it.
posted by raster at 12:54 PM on June 28, 2000


I like it, makes it easier to post without having to think things through. I probably would not post half as much if I had the extra 12 seconds to cool down. Hitting the logout button is no harder than having to remember your ATM card when you walk away from the cash machine. Less trouble even if you do forget.
posted by thirteen at 1:07 PM on June 28, 2000


Bane, someone is going to suggest that you make use of metatalk for comments like this.
posted by sixfoot6 at 1:11 PM on June 28, 2000


Interesting, but my passwd didn't show just now, although it does still in metatalk.

At any rate, I saw the code matt uses for that little function, and it is encoded when it's flying across the wires and decoded when it's actually thrown into the webpage that CF builds when you have the option to post a comment.

It was good insight to build that in there rather than just throwing the passwd around clear text like.
posted by djc at 1:12 PM on June 28, 2000


The password isn't "encoded" .. it's plaintext both ways. I see no code that would encode or decode the password prior to submitting the form.

I don't know what code you're talking about, but it's not on this page.
posted by chrish at 2:13 PM on June 28, 2000


It's unencrypted in the form element so people can type it in. The original thought was to keep the user/pass fields blank on non-logged in visitors, and auto-fill it for users, but I didn't end up setting it that way. I could either 1) buy a secure certificate for $125 so all submissions to the db would be on https connections, or 2) get rid of the user/pass fields and just say "you're logged in username" with a logout button next to it, and pass the password encrypted in a hidden form field.

So yeah, sure I can do the latter option fairly easily.
posted by mathowie at 2:25 PM on June 28, 2000


(also - I'd like to add a "move this to metatalk and leave a link on metafilter pointing to it" functionality to the site as well).
posted by mathowie at 2:26 PM on June 28, 2000


It doesn't bother me at all, but I think leaving it off the page (assuming you have your account set to remember login) with the logged in username displayed is probably the better idea. I definitely don't think it's such a big issue that you should go out and purchase a secure certificate. If you follow the old rule (not that I do), "Use different passwords for different sites", there really isn't a problem.
posted by howa2396 at 2:36 PM on June 28, 2000


What's the issue here? Maybe I'm missing something. Are you afraid people at the library will start posting under your alias? I'm having a hard time figuring out anything nasty that could happen.
posted by y6y6y6 at 7:07 PM on June 28, 2000


Hey, Jon?

Tell ya what.

You go to the library, post something, and forget to log out...

and I'll cruise up and post a threatening note to the president with your name. Ok? :-)

Do us a favor: tell us what brand of shades the Secret Service are wearing this year?
posted by baylink at 7:54 PM on June 28, 2000


What does that have to do with the password being in the html? If you don't log out people can post something in your name. Everyone knows that. And they'd be able to do that even if the password wasn't in the html. But the thread is about the password being visible via a "view source." So you are actually worried about the following scenario?

1) You find yourself at a public computer and can't resist the urge to log in and post.
2) Despite your knowledge that "they" are always trying to "get" you, you forget to log out.
3) Some stranger uses the computer and they just happen to be one of the 100 people in the whole world who post at MetaFilter.
4) They notice your blunder and decide to do a view source and grab your password.
5) They then go nuts on Metafilter - Talking about how stupid Clinton is, outing half the users here, starting flame wars, uh......

Who the hell would even notice?

I like people talking about security issues. It's good to keep talking about these things. But let's not get looney. People here are actually discussing whether your MetaFilter password should be sent over the Internet in the clear. What??!!
posted by y6y6y6 at 9:35 PM on June 28, 2000


> (also - I'd like to add a "move this to metatalk and leave a link on metafilter pointing to it" functionality to the site as well).

what would be the difference in this case, just the background colors?! :)

posted by chaz at 11:44 PM on June 28, 2000


Jon, the question is: "should the authentication method used send its token in the clear?"

There are two questions involved in that.

"Should *anyone* be able to see the token?" and

"Should anyone else but Matt be able to see it?"

Me, personally, I think that the first question should be answered no, which solves the problem on the second question.

Let's face it: reusable passwords suck in the first place. If nothing else, they're too hard to keep track of. So people reuse them. The upshot of this train of thought is that when designing an authentication facility using reusable passwords (which no one should be doing these days anyway, but that's another discussion), it's incumbent on you to realize that you are (whether it ought to be this way or not) creating the potential for compromise of people's passwords for other, possibly more high-security, systems.

This Is Bad.

Passwords should be encrypted with a strong one-way function as close to capture as possible.

Does *that* clear up what I think for you, Jon? :-)
posted by baylink at 12:42 PM on June 29, 2000
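
Added example, not part of the thread and not MetaFilter's code: a Python sketch of the design discussed above, combining mathowie's second option (show the logged-in username with a logout link instead of pre-filled fields) with the one-way storage baylink argues for. As an assumption of this example, a random session token held in the cookie stands in for the "encrypted password in a hidden form field"; every function and variable name is hypothetical and the account data is constructed.

```python
import hashlib
import hmac
import html
import secrets

USERS = {}     # username -> (salt, PBKDF2 hash); the plaintext password is never stored
SESSIONS = {}  # opaque cookie token -> username

def _kdf(password, salt):
    # One-way, salted and deliberately slow, applied as soon as the password arrives
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

def register(user, password):
    salt = secrets.token_bytes(16)
    USERS[user] = (salt, _kdf(password, salt))

def login(user, password):
    """Return a fresh session token on success, None on failure."""
    salt, stored = USERS.get(user, (b"\0" * 16, b""))
    if not hmac.compare_digest(_kdf(password, salt), stored):
        return None
    token = secrets.token_urlsafe(32)  # random, reveals nothing about the password
    SESSIONS[token] = user
    return token

def logout(token):
    SESSIONS.pop(token, None)  # the cookie value is worthless afterwards

def render_form_vulnerable(user, password):
    # Behaviour the thread complains about: password readable via "view source"
    return ('<input name="user" value="%s">'
            '<input type="password" name="pass" value="%s">'
            % (html.escape(user), html.escape(password)))

def render_form_hardened(token):
    # Logged-in users get a name and a logout link; no credential reaches the page
    user = SESSIONS.get(token)
    if user is None:
        return '<input name="user"><input type="password" name="pass">'
    return 'You are logged in as %s <a href="/logout">logout</a>' % html.escape(user)
```

The token still crosses the wire in the clear unless the site also takes the https option mathowie mentions, but a stolen token expires at logout and cannot be replayed against other sites the way a reused password can.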


Still, as a password user myself (anybody else here? just me? okay, listen up) I have about five passwords that I "reuse" for different security contexts. That is, somebody who gets my typical no-account website password (like the one here) isn't likely to be able to use it to get into a system I administer.
posted by dhartung at 8:29 PM on June 29, 2000


> Does *that* clear up what I think

Well, I suspected that's what you were thinking. And I understand your point. I just disagree.
posted by y6y6y6 at 10:00 PM on June 29, 2000

