FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 08-09-2012, 08:05 AM
Gary Dale
 
Default iceweasle saving username and password

On 09/08/12 02:05 AM, lina wrote:

Hi,

My question is that how can I let the iceweasle kept the saved
password as un-readable?

Right now I felt very bad,

I can access some database with my user name and password,
(it's a "universal" password and username, which means it's also the
one I use for email and many other things, such as wireless access and
etc, it set up by administrator).

One girl she need access the database, and she asked me for help.
basically it's harmless. but I don't want to share my password and I
don't know how to refuse.

so I input my password and username in her firefox and let it remember.

Just now I found that iceweasle can show the password I saved. very
bad, hope she didn't realize it and read my password.

I don't know how to do in this situations.

Thanks for any advice.

Best regards,
You can use a master password in Iceweasel. However, if the person needs
access to the database using your password, she'll need the master
password to get it.


Basically, you are doing everything wrong. You shouldn't :
- use the same password for multiple accounts,
- share your password with anyone,
- let others access a service using your account credentials.

If she needs access to the database, she should get her own account, not
use yours.



--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Archive: 50236F55.7040408@rogers.com">http://lists.debian.org/50236F55.7040408@rogers.com
 
Old 08-09-2012, 08:50 AM
lina
 
Default iceweasle saving username and password

On Thu, Aug 9, 2012 at 4:05 PM, Gary Dale <garydale@rogers.com> wrote:
> On 09/08/12 02:05 AM, lina wrote:
>>
>> Hi,
>>
>> My question is that how can I let the iceweasle kept the saved
>> password as un-readable?
>>
>> Right now I felt very bad,
>>
>> I can access some database with my user name and password,
>> (it's a "universal" password and username, which means it's also the
>> one I use for email and many other things, such as wireless access and
>> etc, it set up by administrator).
>>
>> One girl she need access the database, and she asked me for help.
>> basically it's harmless. but I don't want to share my password and I
>> don't know how to refuse.
>>
>> so I input my password and username in her firefox and let it remember.
>>
>> Just now I found that iceweasle can show the password I saved. very
>> bad, hope she didn't realize it and read my password.
>>
>> I don't know how to do in this situations.
>>
>> Thanks for any advice.
>>
>> Best regards,
>
> You can use a master password in Iceweasel. However, if the person needs
> access to the database using your password, she'll need the master password
> to get it.
>
> Basically, you are doing everything wrong. You shouldn't :
> - use the same password for multiple accounts,
> - share your password with anyone,
> - let others access a service using your account credentials.

Definitely I am wrong here.

>
> If she needs access to the database, she should get her own account, not use
> yours.
She came from another organization.
I just sent her message if she needed something I could download for
her and I suggested her to talk with her boss to get access the
resources she needed.

Thanks with best regards,
>
>
> --
> To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org with a subject
> of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> Archive: http://lists.debian.org/50236F55.7040408@rogers.com
>


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: http://lists.debian.org/CAG9cJm=-2kTZUfoQ=j0j6T6UFNKb64FJXyBBkYobwKiu2jZ=kQ@mail.gm ail.com
 
Old 08-09-2012, 01:58 PM
Mika Suomalainen
 
Default iceweasle saving username and password

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 09.08.2012 09:05, lina wrote:
>
> I can access some database with my user name and password, (it's a
> "universal" password and username, which means it's also the one I
> use for email and many other things, such as wireless access and
> etc, it set up by administrator).

If you mean Edit --> Preferences --> Security --> Saved passwords, I
think that you can hide them from there by setting master password
above that button.

- --
Mika Suomalainen

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (GNU/Linux)
Comment: Public key: http://mkaysi.github.com/PGP/key.txt
Comment: gpg --keyserver pool.sks-keyservers.net --recv-keys 0x82A46728
Comment: Fingerprint = 24BC 1573 B8EE D666 D10A AA65 4DB5 3CFE 82A4 6728
Comment: Why do I (clear)sign emails? http://git.io/6FLzWg
Comment: Please remove PGP lines in replies. http://git.io/nvHrDg
Comment: Charset of this message should be UTF-8.
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBCgAGBQJQI8HqAAoJEE21PP6CpGcoOqgP/A8Q75qm2zGzgAcdYIkwHE7W
AOfDEGrESRE4a33KDICs3NxxVnOYlGY0Cszx8ftTDbB8SQXfjv B50AE3q/X81Bud
pXY78LEourvNnnm7HL0LnlIfmuWlnB3+2Sh196VOp96h2E7EyI oGi3ZfzPM3EosW
uqYHv/JpoeRoxfK+xTdEnRizQjQJYAJIZJ3uHwAwUDjpUGfu/PXyXbpiUSYvIURE
nF/mMT/Ah8Zv7FbiBmf0FbG5XVO1/FeQlOErSn3NdRpVItGLZGo26+c8GTiHAqcX
wxqZrybCP48Qu3UMXg6oYGfbaRJXD0m8ftM3whavPX3y62dJfS mlsWjDYzJcjvbg
7D/L+HRzzgNmYiEeoPA+vv0KKhBc55qXwb4AUxmvVYOpmTfLuY+jb RK+K7wsBpVa
e9ahGG4XCrrw/7JbN8gG9xdPNEcOGwfls+Emy6vmyPJelsB+hxDLVkO4tyUEY1W A
pojhqCu5IsBIHD5fwxu4wbHU0EQe8GQOfimh/Z2n3IQTZwnKXgeexptzQ3AXviw+
uCwysKnN1Zo3DlfQnh2DTRuThoFv5ei+0ipkb3ARd19YfEmLYh 1snrq10Enquj68
dttpYh7dmkHEjiXC+p+HEtIJN1I1xNnCGd+0iRcDcG510q3ySU e/K9S7LQltQ/Mj
RmWWbrVrSYYJabVBovCI
=sznO
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 5023C1ED.7040206@users.sourceforge.net">http://lists.debian.org/5023C1ED.7040206@users.sourceforge.net
 
Old 08-09-2012, 02:21 PM
Brad Alexander
 
Default iceweasle saving username and password

On Thu, Aug 9, 2012 at 2:05 AM, lina <lina.lastname@gmail.com> wrote:
> Hi,
>
> My question is that how can I let the iceweasle kept the saved
> password as un-readable?
>
> Right now I felt very bad,
>
> I can access some database with my user name and password,
> (it's a "universal" password and username, which means it's also the
> one I use for email and many other things, such as wireless access and
> etc, it set up by administrator).
>
> One girl she need access the database, and she asked me for help.
> basically it's harmless. but I don't want to share my password and I
> don't know how to refuse.
>
> so I input my password and username in her firefox and let it remember.
>
> Just now I found that iceweasle can show the password I saved. very
> bad, hope she didn't realize it and read my password.
>
> I don't know how to do in this situations.
>
> Thanks for any advice.

My recommendation would be to use LastPass (http://lastpass.com). It
stores all of your passwords in an encrypted blob which has a master
password, which is only ever decrypted on the local machine. Most all
of the major browsers have a lastpass plugin. The blob is uploaded to
lastpass' site, which means that any browser with said plugin that you
use will have access to all of your passwords. It also allows you to
generate secure passwords for all web sites.

I've been using it for 6 months, and it works great.

--b


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: http://lists.debian.org/CAKmZw+bL+WgVHP6COvndOwZtrBd9ev-pyQUuQUWwgcijHR=UOw@mail.gmail.com
 
Old 08-09-2012, 02:42 PM
Camaleón
 
Default iceweasle saving username and password

On Thu, 09 Aug 2012 14:05:58 +0800, lina wrote:

> My question is that how can I let the iceweasle kept the saved password
> as un-readable?

(...)

Use a Master Password to protect stored logins and passwords
http://support.mozilla.org/en-US/kb/use-master-password-protect-stored-logins

But I would prefer even using a different Firefox profile to avoid being
silently tracked.

Greetings,

--
Camaleón


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: http://lists.debian.org/k00i8u$t9u$9@dough.gmane.org
 
Old 08-09-2012, 02:58 PM
Guy Gold
 
Default iceweasle saving username and password

On Thu, Aug 9, 2012 at 10:21 AM, Brad Alexander <storm16@gmail.com> wrote:
> My recommendation would be to use LastPass (http://lastpass.com). It
> stores all of your passwords in an encrypted blob which has a master
> password, which is only ever decrypted on the local machine. Most all
> of the major browsers have a lastpass plugin. The blob is uploaded to
> lastpass' site, which means that any browser with said plugin that you
> use will have access to all of your passwords. It also allows you to
> generate secure passwords for all web sites.
>
> I've been using it for 6 months, and it works great.

Isn't it also giving away your passwords to a third party ?


--
Guy Gold


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: http://lists.debian.org/CALQ72QGT5mn-2xv47e=zu==p9w781oBb3qy+VmpYp2txYtfd_w@mail.gmail. com
 
Old 08-09-2012, 03:37 PM
Chris Bannister
 
Default iceweasle saving username and password

On Thu, Aug 09, 2012 at 02:05:58PM +0800, lina wrote:
> Hi,
>
> My question is that how can I let the iceweasle kept the saved
> password as un-readable?
>
> Right now I felt very bad,
>
> I can access some database with my user name and password,
> (it's a "universal" password and username, which means it's also the
> one I use for email and many other things, such as wireless access and
> etc, it set up by administrator).

If you know the administrator reasonably well, explain to him/her what
has happened, he/she won't be happy, but will at least help in fixing
situation, and if the administrator is in the know, then it won't be
misconstrued as malicious.

> One girl she need access the database, and she asked me for help.
> basically it's harmless. but I don't want to share my password and I
> don't know how to refuse.
> so I input my password and username in her firefox and let it remember.

Ouch! Bad move. I'd also be worried that you may have violated company
policy.

> Just now I found that iceweasle can show the password I saved. very
> bad, hope she didn't realize it and read my password.

Don't risk it.

> I don't know how to do in this situations.

If its for anything important like online banking etc, change it
immediately, so that the one she has is no longer useful.

You should have told her to see the administrator, that is his job;
granting access etc. Don't give out passwords!

--
"If you're not careful, the newspapers will have you hating the people
who are being oppressed, and loving the people who are doing the
oppressing." --- Malcolm X


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: http://lists.debian.org/20120809153702.GL2687@tal
 
Old 08-09-2012, 04:10 PM
lina
 
Default iceweasle saving username and password

On 9 Aug, 2012, at 23:37, Chris Bannister <cbannister@slingshot.co.nz> wrote:

> On Thu, Aug 09, 2012 at 02:05:58PM +0800, lina wrote:
>> Hi,
>>
>> My question is that how can I let the iceweasle kept the saved
>> password as un-readable?
>>
>> Right now I felt very bad,
>>
>> I can access some database with my user name and password,
>> (it's a "universal" password and username, which means it's also the
>> one I use for email and many other things, such as wireless access and
>> etc, it set up by administrator).
>
> If you know the administrator reasonably well, explain to him/her what
> has happened, he/she won't be happy, but will at least help in fixing
> situation, and if the administrator is in the know, then it won't be
> misconstrued as malicious.

The administrators know. We only have one user account for everything here. But for servers we can change password. But for network account, such as wireless, email, some other things. They shared one, but we can change.
>
>> One girl she need access the database, and she asked me for help.
>> basically it's harmless. but I don't want to share my password and I
>> don't know how to refuse.
>> so I input my password and username in her firefox and let it remember.
>
> Ouch! Bad move. I'd also be worried that you may have violated company
> policy.
Ha... I worried also. But didn't find the specific rules except it's told that not reveal your password to anybody.
>
>> Just now I found that iceweasle can show the password I saved. very
>> bad, hope she didn't realize it and read my password.
>
> Don't risk it.
I talked with her, she told me that she wasn't interested in my password. I apologized to her that I gotta change my password. Still bad is that she thought I could help her but I didn't.
>
>> I don't know how to do in this situations.
>
> If its for anything important like online banking etc, change it
> immediately, so that the one she has is no longer useful.
>
> You should have told her to see the administrator, that is his job;
> granting access etc. Don't give out passwords!
She is from another organization. And new here, less than one week. Doing internship. I told her to talk with her colleagues tomorrow. If there is no resource available for her, we will reconsider it.

Thanks.
>
> --
> "If you're not careful, the newspapers will have you hating the people
> who are being oppressed, and loving the people who are doing the
> oppressing." --- Malcolm X
>
>
> --
> To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> Archive: http://lists.debian.org/20120809153702.GL2687@tal
>


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 7C1C29DB-4F7D-4DD0-B2D9-02A02454ADF5@gmail.com">http://lists.debian.org/7C1C29DB-4F7D-4DD0-B2D9-02A02454ADF5@gmail.com
 

Thread Tools




All times are GMT. The time now is 06:55 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org