Hi i tried test of password input and I think it is not safe!
Why the passwords copy as plain text, and remain only stars (dots).
I have two inputs, first password and second text with same class
<input class="pass" type="password"/>
<input class="pass" type="text"/>
I tried write this js:
$(".pass").keyup(function(event) {
$("." + $(this).attr("class")).not(this).val($(this).val());
});
Check the JSFIDDLE
What do you think?
Hi i tried test of password input and I think it is not safe!
Why the passwords copy as plain text, and remain only stars (dots).
I have two inputs, first password and second text with same class
<input class="pass" type="password"/>
<input class="pass" type="text"/>
I tried write this js:
$(".pass").keyup(function(event) {
$("." + $(this).attr("class")).not(this).val($(this).val());
});
Check the JSFIDDLE
What do you think?
Share Improve this question edited Oct 16, 2014 at 0:32 mandel99 asked Oct 16, 2014 at 0:12 mandel99mandel99 1241 silver badge10 bronze badges 5- Why would you think this was safe? – John Conde Commented Oct 16, 2014 at 0:12
- What do you even mean by "safe"? – Pointy Commented Oct 16, 2014 at 0:13
- 2 All fields on the client are visible to the client. That's how the DOM works. – George Stocker Commented Oct 16, 2014 at 0:13
- Pressing patterns on your keyboard is not safe. – Bergi Commented Oct 16, 2014 at 0:13
- I think copying the value insecure as plain text – mandel99 Commented Oct 16, 2014 at 0:14
2 Answers
Reset to default 5It is not secure. The purpose of the password field is just to make it harder for someone to look over your shoulder and see the password in clear text. Everything in the DOM is in clear text and not secure though.
This thing just make your password hidden while typing but not secure to trust it blindly as it will be saved as plain text. However if you have passwords stored somewhere on databases, you must use encryption to make them non-understandable if exposed.