Show password #148
Comments
|
I disagree.. |
|
I have never seen a website where you can see your password in plain text, sounds weird and unsafe to me.
And then we implement a way to recover the password?
Or you just so happened to walk past someone else's account and can view the password with the click of a button. |
They are not at once, since there is someone who maintains this website and has allowed (via this feature) to recover the password.
If I'm already connected it's because I know my password, I do not need to be shown. I confirm what @daivyy mentioned, never seen a website where you can see your password in plain text. |
|
If you click on "Show password", it doesn't send any request to the website actually. The password is not received from the network. The password is known by the web browser because it is locally stored during login (Try with BurpSuite or any local proxy application.)
But I agree that it is confusing for the end-user, and that this feature should be removed on the mainnet. |
|
you are right, the show password feature could be removed |
|
PR #153 removes the show password button |
8d91373
This commit is not consistent with the alerts in the registration screen.
We indicate to the user that no one can help him recover the password and that it must be written on paper.
And then we add a new button to display his password. (/account)
The text was updated successfully, but these errors were encountered: