Remember Password & security

ThrashZone said:

Hi,
I suppose it is safe to use but you really don't say which browser
I imagine one is no safer than another
I guess the only bad thing about user name and password autofill features is if someone else uses your user account on the machine,
Obviously they would have access to everything you do

I too do not use either feature.

Well 2 people here have indicated it is not safe so I need take it no further, i.e. that is enough to make me doubt the security. Obviously my post was concerning the ability to hack into my email account and whether or not they would get the green light (the automatic password come up) i.e. it was not about someone else using my pc here which is highly unlikely. I am in windows 7 - mozilla firefox. The browser info is on my system spec section (bottom left of this post also in my profile).

For the most part the location is encrypted or at least can be,
https://support.mozilla.org/en-US/kb...-stored-logins

ThrashZone said:

For the most part the location is encrypted or at least can be,
https://support.mozilla.org/en-US/kb...-stored-logins

I see that the master password applies to those sharing a pc. I have a laptop at home so am not in that predicament. My question was directed at the possibility of hackers into my pc (i.e. not from my premises) accessing my email account i.e. if I used the automatic password facility, would it pop up when they do that?

Master password encrypts the passwords (period).
Nothing is 100% if you get hacked they pretty much got you but if that happens a key logger would still give up everything typed so in that case not entering a password would have an advantage

I personally wouldn't use the feature for banking,
Some banks don't allow the features anyway an email should be fine
Public wifi... would be a different environment so we can't really touch base on every situation with pro's and con's
It all starts with good security and personal practice.

Thanks. My decision has now become consolidated...i.e. I won't be using the automatic password facility and have deleted it from popping up when I log in. This thread can now be considered closed and deleted by mods if they so choose (or left as a guide to others maybe).

You can mark the thread as answered anytime you want too :)

ThrashZone said:

You can mark the thread as answered anytime you want too :)

Oh...is there a special facility for that? Where?

LMiller7 said:

Be sure to understand that "safe" is always a relative term. There is no such thing as absolute safety.
Whether it is "safe" to use "remember password" depends a great deal on your situation. On a single user computer this is a reasonable compromise between security and convenience. Not everyone will agree with that. You have to decide for yourself. When the computer is or may be shared with others then the option is probably a bad idea.

Options are provided to accommodate different situations. If there was one best setting for all situations the option would not be provided.

Well said.

I have a clear policy on this. I have a very strong sign in password for all my user accounts in all Windows computers. Within that user account, signed in by myself, I usually let the system to save the login credentials to each service I use. For instance using an email client, Outlook 2013 in my case with several email accounts and mail checked automatically in the background, having to give the password every time the mail is checked would be a pain in the you know where.

Old habits die hard; although nowadays living alone I still automatically lock Windows whenever I go to get a cup of coffee or having a smoke in the balcony, not to speak about longer absence from the PC. The same with screensaver, it kicks in after 5 minutes of inactivity and requires a password to get back to the desktop.

For me this is the only reasonable way to use Windows, protecting my Windows user profile with a very strong password then letting my user profile in Windows to save credentials to services I use when signed in.

badcrc said:

slightly off-topic password story -

I knew a lady once who ticked 'remember me' the 1st time she used Gmail - she didn't write the password down. 6 months later, the computer needed a factory restore and the password was lost. She had used an old (defunkt) email as the fall-back at Gmail, and never got access to that account again. The lady ran a small high street flower shop and used the lost Gmail account as part of her business . . .

Totally irrelevant story regarding the OP's question. No security measures can protect a user from his / her own stupidity.

From Kari post # 19

Totally irrelevant story regarding the OP's question. No security measures can protect a user from his / her own stupidity.

I totally agree. They don't make a Anti Stupidity Program. Although I think their is a market for one.