140275 – changing login form must clear password entry

Bug 140275 - changing login form must clear password entry

Summary: changing login form must clear password entry

Status:	RESOLVED REMIND

Alias:	None

Product:	konqueror
Classification:	Applications
Component:	khtml forms (show other bugs)
Version:	unspecified
Platform:	unspecified Linux

Importance:	NOR normal
Target Milestone:	---
Assignee:	Konqueror Developers

URL:
Keywords:

Depends on:
Blocks:

Reported:	2007-01-19 03:27 UTC by Martin Zbořil
Modified:	2008-04-21 10:18 UTC (History)
CC List:	1 user (show)

See Also:
Latest Commit:
Version Fixed In:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description Martin Zbořil 2007-01-19 03:27:34 UTC

Version:           3.5.5 (using KDE 3.5.5, compiled sources)
Compiler:          Target: i586-mandriva-linux-gnu
OS:                Linux (i686) release 2.6.17-9mdv

some pages allows to show an information about unsuccessfull login like ip, time, and password - its a rather stupid approach, but in still in use on some discussion servers.
when the login and password are filled into a forms from kwallet, there is an easy way to get these password just by changing login part, because the password form will be left filled with saved data but different login, which can lead to exposing the password.

Comment 1 Martin Zbořil 2007-06-08 23:59:14 UTC

argh! say something! i am tired of changing my password everytime after some of my friends abuses my internet connectivity

Comment 2 Michael Leupold 2008-04-20 14:35:41 UTC

I'm sorry, but I can't actually see where the bug is here. While you are authorized in kwallet anyone can just fire-up kwalletmanager and read the password verbatim. If you still think this is a bug, please be more specific.

Comment 3 George Goldberg 2008-04-21 10:18:27 UTC

Please reopen this bug if you can provide more specific details about exactly what  the problem is here, and how we can reproduce it.