Issue metadata
Sign in to add a comment
|
Local attacker can get details of saved passwords
Reported by
ram.puru...@gmail.com,
Nov 6 2017
|
||||||||||||||||||||
Issue descriptionUserAgent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.110 Safari/537.36 Steps to reproduce the problem: 1. Total length of all the password should be encrypted and saved 2. saved password can be viewed by changing the field type to text 3. Length of the character of the password should be fixed for all the password as same as it can be guessed by the character length What is the expected behavior? What went wrong? saved password shouldn't be viewed by changing the password field to 'text' in the developer mode or option. The length of the password should be same in the saved password in setting Did this work before? No Chrome version: 57.0.2987.110 Channel: n/a OS Version: 10.0 Flash Version: This might improve the password security in the browser so that no on can guess or see the save password in the common system.
,
Feb 13 2018
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Feb 14 2018
Issue 812159 has been merged into this issue. |
|||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||
Comment 1 by elawrence@chromium.org
, Nov 6 2017Status: Duplicate (was: Unconfirmed)
Summary: Local attacker can get details of saved passwords (was: Saved password detail)