Rakesh Jaimini
asked on
Firfox's web developer toolbar addon's Show Password Issue
Hi,
My application uses input type=password which shows * in place of actual characters in text box
but Firfox's web developer toolbar addon have option show password which changes its type to text on the fly and user can see the actual data
This has become a sever issue at my end
anyhow can i prevent it ?
My application uses input type=password which shows * in place of actual characters in text box
but Firfox's web developer toolbar addon have option show password which changes its type to text on the fly and user can see the actual data
This has become a sever issue at my end
anyhow can i prevent it ?
And no you can't stop users from doing this.
It is only display anyway - it shouldn't cause any server issues as from a server point of view the text is passed as if it was type="text"
The only thing the password type does is prevent people from looking at your screen and seeing your password when you type it in. But there are many ways to have it seen besides the firefox add-on....
It is only display anyway - it shouldn't cause any server issues as from a server point of view the text is passed as if it was type="text"
The only thing the password type does is prevent people from looking at your screen and seeing your password when you type it in. But there are many ways to have it seen besides the firefox add-on....
ASKER
Hi experts,
I said sever or big issue not server issue :)
never mind it happens some time.
this issue is raised by our client and we can not say that there are several other ways coz somehow this is a security issue and then we need to address those several other ways also. :D
is there any way to implement some attribute change event handler which i can use on type change to text from password so that in that function i can change back to password
IE doesn't allow this attribute to change from script and i checked with firebug also we can change type with the help of firebug
I have seen some site which shows a modal popup to register first
earlier i used to hide the popup using firebug and can access the site but now as soon as i change display:'' to display:none some script reloads the page
I'm trying to implement similar kind of logic
also @mrichmon can you tell me "other ways" to see this password
thanks
I said sever or big issue not server issue :)
never mind it happens some time.
this issue is raised by our client and we can not say that there are several other ways coz somehow this is a security issue and then we need to address those several other ways also. :D
is there any way to implement some attribute change event handler which i can use on type change to text from password so that in that function i can change back to password
IE doesn't allow this attribute to change from script and i checked with firebug also we can change type with the help of firebug
I have seen some site which shows a modal popup to register first
earlier i used to hide the popup using firebug and can access the site but now as soon as i change display:'' to display:none some script reloads the page
I'm trying to implement similar kind of logic
also @mrichmon can you tell me "other ways" to see this password
thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi,
Thanks for the reply
I'm convinced :)
can you give some more ways so that we can make some report kind of thing to present it our client that it is normal behaviour and we can not guard against this.
As I checked goggle also and there too both web dev tool bar and JavaScript in address bar worked to get the password
Thanks a lot
Thanks for the reply
I'm convinced :)
can you give some more ways so that we can make some report kind of thing to present it our client that it is normal behaviour and we can not guard against this.
As I checked goggle also and there too both web dev tool bar and JavaScript in address bar worked to get the password
Thanks a lot
Also, why not just uninstall the web developer toolbar if it gives you trouble?