We have moved to a new Sailfish OS Forum. Please start new discussions there.
18

Why my passwords appear in plain text (!!) above the virtual keyboard as input options :-o ? [duplicate]

asked 2014-01-09 23:46:40 +0200

this post is marked as community wiki

This post is a wiki. Anyone with karma >75 is welcome to improve it.

updated 2014-07-11 23:38:55 +0200

simo gravatar image

..... Is there a way to erase them out of any table ?

---> cannot reproduce the occurrence but it'd be great if one could purge unwanted entries to the input hash table ...

edit retag flag offensive reopen delete

The question has been closed for the following reason "duplicate question" by Mohjive
close date 2014-01-11 19:18:53.630688

Comments

3

I ran into the same problem with some android applications using predictive input on the password field (at least Steam for Android does this.) The password field still shows asterisks instead of characters when inputting a password. I too am looking for a way to remove predictive input entries.

Ascense ( 2014-01-10 00:57:39 +0200 )edit
3

Passwords shown in plaintext in stock Jolla vkbd sounds like really serious security/privacy issue to me.

foss4ever ( 2014-01-10 03:20:06 +0200 )edit
2

The problem here seems that Jolla adds entries to the vkb completion automatically. Together with the possibility that some app or webpage doesn't use "password" as input type but instead script the asterisks, there's the risk that the password get stored.

I like the implementation that when you tap the word you get the question if you want to add it. Also you should be able to remove added words.

Mohjive ( 2014-01-10 09:06:53 +0200 )edit
1

This is wonderful, I just had the same experience with Opera and Amazon. I doubt they don't use the password tag. Does somebody know if the behaviour can be reproduced with a native app, i.e. the browser, as well?

I think this actually quite critical but should be easy enough to fix.

minnist ( 2014-01-10 22:26:39 +0200 )edit

Seems that this problem has been detected only in connection with Android apps, so could you tag and edit the title / description appropriately?

foss4ever ( 2014-01-10 22:37:09 +0200 )edit

2 Answers

Sort by » oldest newest most voted
0

answered 2014-01-10 22:45:44 +0200

foss4ever gravatar image

Cannot reproduce this with native Jolla browser; typed passwords in web-forms are not stored in dictionary nor suggested as word-completions.

edit flag offensive delete publish link more

Comments

In native browser, typing the same word three or more times adds it to auto complete suggestion.

I tested it here http://www.htmlcodetutorial.com/forms/_INPUT_AUTOCOMPLETE.html by entering the word 'qwert' and it was added, even though autocomplete supposedly shouldn't be used.

I suggested in the comments that it was invalid password fields that triggered the behavior, but it may also be android apps that are affected.

Mohjive ( 2014-01-10 23:07:33 +0200 )edit

But that is not password field.

foss4ever ( 2014-01-10 23:18:38 +0200 )edit
1

This happens atleast with android app for Younited even after only typing the password in once or twice..

MMori ( 2014-01-10 23:38:36 +0200 )edit

@jjaone: there's still 'the possibility that some app or webpage doesn't use "password" as input type', and that breaks the behavior as above.

Besides that it seems to affect Android apps.

Mohjive ( 2014-01-11 00:26:45 +0200 )edit
0

answered 2014-01-11 19:18:43 +0200

Mohjive gravatar image

The link to the other question was hidden in comments. This is a duplicate of https://together.jolla.com/question/829/android-vkb-saves-and-suggests-passwords-in-plaintext/

edit flag offensive delete publish link more

Question tools

Follow
2 followers

Stats

Asked: 2014-01-09 23:46:40 +0200

Seen: 1,369 times

Last updated: Jan 12 '14