[clug] unusual password retention in browser
Michael Ellerman
michael at ellerman.id.au
Tue Aug 18 02:44:00 UTC 2015
On Mon, 2015-08-17 at 16:58 +1000, Eyal Lebedinsky wrote:
> On 17/08/15 16:23, Michael Ellerman wrote:
> > On Fri, 2015-08-14 at 14:59 +1000, Eyal Lebedinsky wrote:
> >> I recently noticed a strange thing, where it seems that my password is retailed after being used.
> >>
> >> Here is the simple scenario
> >> - log into my bank with details I have in a file (file-1).
> >> - copy+paste access code
> >> - copy+paste password
> >
> > At this point you could run:
> >
> > $ xclip -o
>
> Did not know of this one, and is not on my system (now installed).
>
> > And you should see your password, then:
> >
> > $ echo | xclip
> > $ xclip -o
> >
> > And it should say no string available.
>
> No message, just empty string (actually a newline unless I use 'echo -n')
Yes you're right.
> > While I'm here I recommend:
> >
> > http://www.passwordstore.org/
>
> Had a quick look, it is interesting. As is often the case these days the page provides
> no indication of any validity dates. Was it inactive for the last 5 years? I cannot tell...
The linked git repo shows some activity, if you believe it ;)
http://git.zx2c4.com/password-store/
cheers
More information about the linux
mailing list