canmove, Confirmed users
285
edits
Security/Features/HighlightCleartextPasswords: Difference between revisions
Security/Features/HighlightCleartextPasswords (view source)
Revision as of 22:35, 25 May 2012
, 25 May 2012no edit summary
No edit summary |
mNo edit summary |
||
| Line 81: | Line 81: | ||
This feature does not prevent against active attacks (ex: man-in-the-middle on http pages). | This feature does not prevent against active attacks (ex: man-in-the-middle on http pages). | ||
|Feature functional spec=Phase 1: Do not autopopulate the username/password stored in password manager for http sites. Provide the multiuser experience seen [https://people.mozilla.com/~tvyas/multiuser_experience.jpg here]. | |Feature functional spec=Phase 1: Do not autopopulate the username/password stored in password manager for http sites. Provide the multiuser experience seen [https://people.mozilla.com/~tvyas/multiuser_experience.jpg here]. (Note: this may end up in a separate feature instead of part of Highlght Cleartext Passwords.) | ||
Phase 2: Use cases 1-3 - General case. | Phase 2: Use cases 1-3 - General case. | ||
| Line 91: | Line 91: | ||
Phase 0: User Research. First on the password field itself, then later on how to redirect to the secure version of the site. | Phase 0: User Research. First on the password field itself, then later on how to redirect to the secure version of the site. | ||
Phase 1: Do not autopopulate the username/password stored in password manager for http sites. Provide the multiuser experience seen [https://people.mozilla.com/~tvyas/multiuser_experience.jpg here]. | Phase 1: Do not autopopulate the username/password stored in password manager for http sites. Provide the multiuser experience seen [https://people.mozilla.com/~tvyas/multiuser_experience.jpg here]. (Note: this may end up in a separate feature instead of part of Highlght Cleartext Passwords.) | ||
Phase 2: Use cases 1-3 - General case. | Phase 2: Use cases 1-3 - General case. | ||