canmove, Confirmed users
285
edits
Security/Features/HighlightCleartextPasswords: Difference between revisions
Security/Features/HighlightCleartextPasswords (view source)
Revision as of 20:52, 1 June 2012
, 1 June 2012no edit summary
No edit summary |
No edit summary |
||
| Line 10: | Line 10: | ||
{{FeaturePageBody | {{FeaturePageBody | ||
|Feature open issues and risks=<b>Current/Latest Proposal:</b> | |Feature open issues and risks=<b>Current/Latest Proposal:</b> | ||
* Use an icon (ex: warning icon) in the password text box (shifting any placeholder the website set by a few pixels). This icon will appear all the time (not just onfocus). | * Use an icon (ex: warning icon) in the password text box (shifting any placeholder the website set by a few pixels). This icon will appear all the time (not just onfocus). ([http://people.mozilla.com/~tvyas/Warning_Icon.jpg Example Icon]) | ||
* When the user clicks on the warning icon or focuses on the input box, a message pops up with text that interrupts the user (ex: doorhanger), "This will submit your password unencrypted/This is an unencrypted page." The dialog will present the user with a choice. | * When the user clicks on the warning icon or focuses on the input box, a message pops up with text that interrupts the user (ex: doorhanger), "This will submit your password unencrypted/This is an unencrypted page." The dialog will be designed differently than other warnings, so that users don't ignore it out of habituation. The dialog will present the user with a choice. | ||
** If we can determine the ssl version of the page, provide these to options: "Click here to go to the encrypted version of this page." & "Click here to proceed stay on this page (not recommended)." | ** If we can determine the ssl version of the page, provide these to options: "Click here to go to the encrypted version of this page." & "Click here to proceed stay on this page (not recommended)." Require the user to make a choice (no X to quit the dialog box) | ||
** If we cannot determine the ssl version of the page, the user does not have any choices to select from. Perhaps add a recommendation about being careful if using a shared/open/public wifi network. | ** If we cannot determine the ssl version of the page, the user does not have any choices to select from. Perhaps add a recommendation about being careful if using a shared/open/public wifi network. | ||
** Perhaps include a checkbox for "Report to site owner". | ** Perhaps include a checkbox for "Report to site owner". | ||