• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Fixed  "MySQL Password" not censored when typing.

Vincent

Well-known member
#1
The title says enough, when typing in the textarea next to MySQL Password the letters should become dots, and they dont...
 

Vincent

Well-known member
#3
I believe this is REALLY necessary, because my Chrome saves the password, so it shows up at certain places now...

Also, he says one of the reasons is because of typo's, well, most people copy their passwords because they're not able to remember that... A safe password isn't rememberable.
 

Dean

Well-known member
#6
As this will only ever be seen by the person installing the software, who will obviously have to know the password, I can't see it being much of in issue in my opinion.
I'll take this approach.

Generally people that admin sites need to keep their computers secure. If a browser is remembering the mysql password, it will be remembering other passwords like cpanel/whm, email, all sorts of things.
 

Vincent

Well-known member
#7
I'll take this approach.

Generally people that admin sites need to keep their computers secure. If a browser is remembering the mysql password, it will be remembering other passwords like cpanel/whm, email, all sorts of things.
Yeah, computers need to be secure, I agree. But if hackers want to be in my computer, they will be. Nothing to do about that...

I really don't see why it should be viewable. You can enter the password, and press "Submit". If wrong it will say "Try again". There's no need to see it.
 

fos

Active member
#9
I don't generally use Chrome. Firefox asks if I want to remember passwords before saving them. A much better behavior.

This might be a reason to avoid chrome whether this is changed in Xenforo or not.
 

Luke F

Well-known member
#10
I don't generally use Chrome. Firefox asks if I want to remember passwords before saving them. A much better behavior.

This might be a reason to avoid chrome whether this is changed in Xenforo or not.
The password is being input into a plain text box, so it gets remembered in Firefox, Chrome and other browsers without any prompt.
 

Mike

XenForo developer
Staff member
#11
I've turned off autocomplete for that element. I did change the SMTP password field so that it didn't show up, but the reason was mostly because it was stored and displayed back. I'm not really focusing on shoulder surfing with the installer, and MySQL connection issues are one of the most common issues, so I don't want to make a more significant support hassle. (In the vast majority of cases, the MySQL password needs to be used in conjunction with server access anyway.)