[RCD] save login password?

Rimas Kudelis rq at akl.lt
Thu Oct 21 18:23:10 CEST 2010


Hi,

2010.10.21 18:55, pete rašė:
> I agree with Cor, the main reason i use Roundcube is the active maintained
> codebase and a healthy attitude towards privacy and security. For my 2
> cents, security should have to be the deafult and users can opt out. If you
> develop unsafe defaults, many will use  as-is.

Yeah, except they can't even opt in right now, without using third-party 
code.

Don't get me wrong: I do like sane security measures, but not always the 
goal justifies the measures. In this case, I see this absolute inability 
to save password as an annoyance.

Then also, consider the fact that the same user is quite likely to use 
the same password elsewhere (e.g. facebook, which coincidently uses 
email address as the user name), which in my eyes makes this security 
measure even weaker. And you can't expect the user to use different 
passwords everywhere until this becomes convenient enough (as in type 
once, save for later, synchronize between desktops).

Rimas
_______________________________________________
List info: http://lists.roundcube.net/dev/
BT/aba52c80


More information about the Dev mailing list