![](https://seccdn.libravatar.org/avatar/7891b1b1a5767f4b9ac1cc0723cebdac.jpg?s=120&d=mm&r=g)
James Knott wrote:
On 2020-02-19 12:05 PM, Carlos E. R. wrote:
Yes, the actual password is never stored anywhere. That has been the normal practice since at least the 80's or early 90's.
Not so. Firefox does store the actual passwords.
I assume you're referring to the saved logins, which include the ID and password for a site. Are plain text passwords actually sent to the server?
It depends. Apache authentication can do it, but with encrypted connections, I would expect plaintext.
BTW, I remember the days when you could read passwords with Wireshark (then known as Ethereal) or other packet capture. When's the last time you used telnet?
This afternoon. :-) -- Per Jessen, Zürich (5.8°C) http://www.dns24.ch/ - free dynamic DNS, made in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org