|
FastMail Forum All posts relating to FastMail.FM should go here: suggestions, comments, requests for help, complaints, technical issues etc. |
|
Thread Tools |
29 Jun 2012, 10:20 PM | #1 |
Junior Member
Join Date: Jun 2012
Posts: 2
|
Password easily uncovered at login NOT secure
Hey all,
I am not tech savvy, so bear with me. But this seems like a very undesirable feature in an email that touts security and spam protection: I typed the first letter of my password in the wrong field, in the username, and lo and behold my entire password filled into the username, completely readable. How can I disable this from happening? Even though it's in the username field, it wouldn't take a genius to try this as my password in the password field. osm5 |
29 Jun 2012, 11:56 PM | #2 |
The "e" in e-mail
Join Date: Jan 2006
Posts: 2,626
|
Is there some way to find out if this is related to the browser
or the server for the weblogin? I will try to test it in three different browsers. 1. FireFox Browser 2. Opera Browser 3. Chromium Browser Maybe I kindly ask other to do the same with the browsers you have Internet Explorer and The one for Apple? One obvious test is to compare if you have saved the password in your browser or not. osm5 can you maybe delete your cache so it is a fresh boot into the browser and test again? I am just a user at the forum there exists those that represent Fastmail while I don't I just care about security on a naive level. I've now tested in three different Browsers. 1. FireFox Browser (I have my user name and password saved in the browser and when I write the first letter of the password in the user name box then it shows my username and not my password. So that gives you some hint maybe? ) 2. Opera Browser (Nothing did happen) I don't have it saved either so ...) 3. Chromium Browser (Nothing did happen) I don't have it saved either so ...) To make a better test I would need to change my password and see if the result is like you experienced but I am too lazy for that now and hope others or you to do more testing first. Last edited by drew : 30 Jun 2012 at 12:13 AM. |
30 Jun 2012, 05:47 AM | #3 |
Essential Contributor
Join Date: Aug 2001
Posts: 277
|
On any website, if you enter your password in the username field, it will be visible for anyone looking at the screen. This isn't a flaw with the fastmail website or any others.
|
30 Jun 2012, 12:28 PM | #4 |
Intergalactic Postmaster
Join Date: May 2004
Location: Irving, Texas
Posts: 8,930
|
Welcome to the EMD Forums, osm5!
What you are seeing is the "auto-complete" feature in your browser. You have it set to store the contents of fields and fill them in when you later visit that same website. You can remove your existing passwords in your browser, then disable future password storage. You can also use private browsing to temporarily stop saving such information. For Firefox, see:Also see this Fastmail help page:Bill |
30 Jun 2012, 03:12 PM | #5 |
The "e" in e-mail
Join Date: Jan 2006
Posts: 2,626
|
n5bb is right. I tested with another OS and
Fastmail does not do what you say. It is the auto complete feature in the Browser that does it. Look for turning it off in the Preferences. |
1 Jul 2012, 06:34 AM | #6 |
Cornerstone of the Community
Join Date: Jun 2004
Posts: 743
|
Still, the browser shouldn't be filling in your password in the user name field. What has likely happened is that sometime in the past, you accidentally entered your password in the user name field, tried to log in, and your browser ended up saving the information. So if you like the autofill feature, it's not necessary to completely disable it. You just need to delete the saved entry that's causing this behavior.
|
1 Jul 2012, 10:35 AM | #7 |
Intergalactic Postmaster
Join Date: May 2004
Location: Irving, Texas
Posts: 8,930
|
I agree with placebo's analysis.
|
1 Jul 2012, 02:50 PM | #8 |
The "e" in e-mail
Join Date: Jan 2006
Posts: 2,626
|
Placebo has the most logical answer. such has happen to me too.
Depending on what browser you have. Go to Edit then Preferences then security and there you have a chance to edit your saved usernames and passwords for sites. |