If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Rate Thread | Display Modes |
#1
|
|||
|
|||
IE irritation
Using Win 7 and IE 11. I used "Save Password" on my local ethernet webcam and now I've changed the password on the camera but I cannot seem to get IE to forget the original oassword and remember the new one. Using Internet Options - Delete - Passowords doesn't seem to do it nor can I find the original password in the registry (not that I expected to find it plaintext). So how to I get IE to update the password from old to new for a site it seems to remember even though History is also supposed to be deleted? |
Ads |
#2
|
|||
|
|||
IE irritation
pjp wrote:
Using Win 7 and IE 11. I used "Save Password" on my local ethernet webcam and now I've changed the password on the camera but I cannot seem to get IE to forget the original oassword and remember the new one. Using Internet Options - Delete - Passowords doesn't seem to do it nor can I find the original password in the registry (not that I expected to find it plaintext). So how to I get IE to update the password from old to new for a site it seems to remember even though History is also supposed to be deleted? I don't know if the utility described at the end of this article will help or not. The page does describe how storage of passwords has changed over the years. http://www.nirsoft.net/utils/interne..._password.html Paul |
#3
|
|||
|
|||
IE irritation
pjp wrote on 2015/12/26:
Using Win 7 and IE 11. I used "Save Password" on my local ethernet webcam and now I've changed the password on the camera but I cannot seem to get IE to forget the original oassword and remember the new one. Using Internet Options - Delete - Passowords doesn't seem to do it nor can I find the original password in the registry (not that I expected to find it plaintext). So how to I get IE to update the password from old to new for a site it seems to remember even though History is also supposed to be deleted? Probably because the password saved is for a host and not a web site. When the separate dialog appears asking to save your password, that is for the cached networked hosts passwords. Your webcam looks like a networked device hence a host on your network. IE caches web site passwords. For host passwords: - In the Start menu searchbox, enter "network password". - Select "Manage network passwords" in the search results. You'll see the host cached passwords in the Windows Vault. I just did this and did not realize my old Xmarks account was still listed, so I removed that cached host password. |
#4
|
|||
|
|||
IE irritation
|
#6
|
|||
|
|||
IE irritation
pjp wrote on 2015/12/27:
Argh!!! Thought IE somehow seemed to remember the old password because of the number of hidden chars it showed. Older versions just showed number that you used, IE 11 hides that showing more and for a few times I didn't realize it LOL Many password input objects will not show asterisks (or whatever masking character) in the same count as the characters entered. That's to deter someone looking over your shoulder (aka shoulder surfing) and counting characters to help them crack your password. Of course, if they're looking over your shoulder, you had better be a fast typist and have them not notice if and when you hit the shift key (password fields are prevalently case sensitive, and you should include a mix of lower and uppercase in your password). It also helps to prevent some malware from knowing the length of your password. There really should be no faithful correlation between the number of characters you enter and the number of masking characters displayed on the screen. It's been a long-time security measure but not employed by all programs. For example, if I saw you 8 mask characters as you enter your password, I might try to crack it; however, if I saw 19 masking characters, I might not bother trying to brute force crack the longer password. The idea is to NOT provide any details about your password, like the use of non-alphanumerc characters, which ones are lower or upper case, and including the length of the password. For a program that does input masking, it should not add N characters for every 1 character entered. It should alter at random how many mask characters are entered for each character actually entered. Sometimes 1 mask character, sometimes 2, sometimes 3, and so on. Having the number of mask characters displayed equal the number of actual characters entered would assist the user entering their password. They might see that they entered 9 characters instead of the 8 for their password. Ease of use and security are the antithesis of each other. Most users just enter their password blindly (not looking at the screen but watching their fingers on the keyboard or can type without looking). I don't recall ever watching the input field for a password and counting the mask characters one by one to make sure they matched me entering the actual characters on the keyboard. One, that means I would have to be a hunt-and-peck or 2-finger typist: very slow. Two, anyone shoulder surfing wouldn't be counting the mask characters but could instead easily watch what characters I typed one finger at a time very slowly. Telling everyone to turn around as you type in a password isn't always doable. What if they don't turn around? Are you going to wait? What if you are doing a presentation on a big screen and have to login in front of a whole class? Are you going to have them all stand up to turn around? No, but do you want them to know how long is your password? Think about opening a dial combination safe where there may be others watching (obviously or hidden, like a camera). If you spin the dial 3 times (3 times in different directions) then the observer knows there are only 3 digits in your combination. If every multiple of 12 was a null entry (it does nothing to open the safe), you could add more spins bouncing between 12, 24, 36, 48 in different directions to confuse any shoulder surfers. They might think there are 8, or more, spins to your combo and decide to do something other than try to crack the safe than waste time with an 8-spin combination. |
Thread Tools | |
Display Modes | Rate This Thread |
|
|