Password saving reveals security vulnerability

Description of the issue:
It’s convenient for me to have passwords saved but it isn’t safe to make that convenience available to anyone on my computer. Get the distinction?

Actual Result (gifs and screenshots are welcome!):
Damn right I brought attachments your honour. In the pic attached that hand is obviously mine with the cut I got from the bathroom reno, or maybe it’s some guy at the library when my back is turned. Click the ProtonMail graphic from a new Brave browser window then click on the ProtonMail log in button window and with no further effort my saved password appears. A small hoop to jump through at this point that doesn’t govern the convenience is needed to authenticate that I am me. Don’t you think?

Expected result:
Make me type the first two or three letters of my password first. Asses it’s me, here you go; trigger the passwords. Release the Hou - well, release the passwords right, it is a pretty big deal to just give them up like that. It’s Monty Python-esque in a way. HeyJer what’s the password to your highly encrypted e mail - oh never mind…
Having the first letter be typed to trigger the password reveal should be the lowest bar to achieve to reveal the sign-in passwords that I really saved for only a minor convenience anyway.

Imagine every single person that is living with someone that thinks their accounts are secure based on those program’s protocols. It is really the computer sign-in that becomes the gatekeeper when Brave saves passwords. Somebody knows your log-in or your computer is on - there’s all your e mails or whatever other program content you thought was secure.

Conclusion: For the minor convenience of password storage my passwords become available for sign-in with zero prompting to anyone on my computer! I suggest that a simple prompt of some kind to trigger password availability is needed.

I get there are people above the clouds smarter than me making this all happen and I pass this on with much respect for what you’ve built.
Thanks, HeyJer

This topic was automatically closed after 30 days. New replies are no longer allowed.