Why is the server-side fix not sufficient?
Posted Dec 7, 2006 0:40 UTC (Thu) by gerv
In reply to: Why is the server-side fix not sufficient?
Parent article: The Firefox password manager vulnerability
> The way "most smaller sites" apply security fixes is "not at all".
Then they have bigger problems than input type="password". You worry about your password getting out; if they get hacked, every bit of information you've given them gets out, not just your password.
Either sort of fix would require security updates from someone. The server-side fix doesn't reduce the functionality of a useful browser feature; the client-side fix would.
to post comments)