Forum Discussion
adipose
May 02, 2019Brass Contributor
Ability to save passwords for sites with invalid SSL certs
See here for a bug that has been ignored by Google for 4.5 years: https://bugs.chromium.org/p/chromium/issues/detail?id=431618 The ability to save passwords for sites is a convenience that mo...
Eric_Lawrence
Feb 28, 2021Microsoft
goodwill1120: As noted immediately above, not everyone recognized that a workaround is available, and some are delighted to have one.
The problem isn't the scenario where you have decided not to fix the security threat; the problem is the scenario where the user is actively under attack and does not recognize the implications of, say, clicking through a certificate error "just to see". You can follow the conversation in https://crbug.com/431618.
The problem isn't the scenario where you have decided not to fix the security threat; the problem is the scenario where the user is actively under attack and does not recognize the implications of, say, clicking through a certificate error "just to see". You can follow the conversation in https://crbug.com/431618.
adipose
May 06, 2023Brass Contributor
And how does refusing to save the password mitigate the risk of that scenario?