[wp-testers] Your mission, should you choose to accept it
Dave J. (Scoop0901)
scoop0901 at gmail.com
Sat Jan 6 11:20:51 GMT 2007
On 1/5/07, Marcos Sader | marcosmedia <m at marcosmedia.com> wrote:
> There is one thing that needs to be changed since Mingus or before, but i
> always forget to mention it. When you install WordPress the password field
> is set as a text (type="text"), so anyone around me is able to see that
> password as i type it, even worst, it is remembered by the browser as it is
> part of the form data stored, so it will be auto-populated next time (in
> plain text).
>
> In setup-config.php, the field
>
> <td><input name="pwd" type="text" size="25" value="password" /></td>
>
> should be replaced with,
>
> <td><input name="pwd" type="password" size="25" value="password" /></td>
>
> It is not critical, but necessary.
Very much agreed on that point. I did a few clean installs, as well
as upgrades on dummy sites, and had that same thought. I had a note
to make a similar comment, so thanks for getting it in there quickly,
Marcos!
--
-dave
PGP Public Keys:
http://scoop0901.net/PGP/PgPkEyS.htm
Verify email with digital signatures, or encrypt for privacy
while offering job security to crackers at NSA, DHS, and TIA!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~ Dave Jackson * Philadelphia, PA * http://blog.scoop0901.net
~ "A journalist's job is to comfort the afflicted and afflict
~ the comfortable." -- Finley Peter Dunne (1867-1936)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
(") ASCII Ribbon Campaign | You can't get a virus from ASCII!
X No HTML/RTF in email | No one ever said "I can't read
/ \ No Word docs in email | that ASCII email you sent."
(c) 2004 by Dave Jackson (Scoop0901). All rights reserved.
More information about the wp-testers
mailing list