Loading Profile...
Let my browser remember my password for me!
Since the change from del.icio.us to delicious.com, I have to sign in more frequently (every two weeks). This is a minor inconvenience, but it's exacerbated by the fact that the password field is set to autocomplete="off", telling my browser not to offer to remember it for next time.
When my bank does this, it's a good security precaution. When Delicious does it, it's just annoying. I love Delicious and use it daily, but it is just a free bookmarking service, and doesn't need this level of security paranoia.
When my bank does this, it's a good security precaution. When Delicious does it, it's just annoying. I love Delicious and use it daily, but it is just a free bookmarking service, and doesn't need this level of security paranoia.
I’m frustrated
12
people like this idea
I like this idea!
Tell me when this idea gets some attention.
The more people who like this idea, the more it gets noticed.
The more people who like this idea, the more it gets noticed.
The company has not planned to implement this.
The best point from everyone
-
This is actually an extremely poor explanation for an even worse decision.
Setting the autocomplete property won't increase security at all.
Autocompletion improves security in login forms by avoiding the need for users to write down passwords, or reuse the same password from site to site. Login forms that prevent users from using autocomplete are far more likely to be compromised by out-of-band mechanisms such a shoulder surfing.
Many webmasters believe that autocompleting logins is a security risk. It may indeed be so on a shared computer, such as one in a public library. However only the end user can determine whether or not their computer is shared. Users are always free not to remember a username or password, or to tell the browser to forget stored information, if they use a shared computer.
And Safari's autocomplete functionality *did* work for del.icio.us, so something must have changed.
I’m frustrated
4 people think
this is one of the best points
Create a customer community for your own organization
Plans starting at $19/month
-
Inappropriate?I responded to a similar question on our forums: "we made this change on the site to follow standard security practice here. It's important to us to help people's accounts stay safe, even if the side-effect is a little annoying sometimes (unfortunately)." So, we don't have current plans to extend the login period.
Autocomplete="off" is similar; the old Delicious had this too, and it's standard across Yahoo! sites.
It's always useful for us to hear what people think, though. Thanks for letting us know! -
Inappropriate?Thanks for your reply, even if it is disappointing. I thought it might be a Yahoo thing, because I'd noticed the same problem there. I can accept that a Yahoo account might be used for important purposes, even if mine isn't. However, I fail to see how preventing automated form-filling on a Delicious login helps anyone to 'stay safe'. To put it another way, what's the worst that could happen?!
I’m disappointed
-
Inappropriate?I too love del.icio.us, but also I find these issues more than "a little annoying". Why do all Yahoo apps have to conform to the same "security standards"? Couldn't you at least give users the *option* to allow the cookie to live for longer...?
I’m annoyed
-
Inappropriate?This is actually an extremely poor explanation for an even worse decision.
Setting the autocomplete property won't increase security at all.
Autocompletion improves security in login forms by avoiding the need for users to write down passwords, or reuse the same password from site to site. Login forms that prevent users from using autocomplete are far more likely to be compromised by out-of-band mechanisms such a shoulder surfing.
Many webmasters believe that autocompleting logins is a security risk. It may indeed be so on a shared computer, such as one in a public library. However only the end user can determine whether or not their computer is shared. Users are always free not to remember a username or password, or to tell the browser to forget stored information, if they use a shared computer.
And Safari's autocomplete functionality *did* work for del.icio.us, so something must have changed.
I’m frustrated
4 people think
this is one of the best points
-
Inappropriate?Thank you all for your thoughts - we've been thinking about ways to improve this experience while retaining what we need to retain. As a start, we plan to allow the username field to be auto-filled-in in the future, and to implement a longer authentication period in the browser plugins.
-
Inappropriate?Ditto to this request. I really curtailed my use of delicious because of the password annoyance. For a low-overhead low-security service like this it's ridiculous to turn off password autocomplete. I'm glad to hear you're changing your policy.
I’m irrtated but hopeful
-
Inappropriate?Note: As of a couple weeks ago, Delicious allows you to remain logged in for more than two weeks (as long as you want, until you decide to log out). When logging in, be sure to click the "Keep me signed in" checkbox.
2 people think
this is one of the best points
-
Inappropriate?As a developer, I need to delete cookies 50 times every day. This means I always have to enter the password manually when using delicious. This significantly reduces my use of delicious. I would really like it to :
A. Allow autocomplete
B. Save the password without a cookie. (e.g, via a firefoxplugin writing a to a file or something)
I mean, today, I get angry and annoyed EVERY TIME i use delicious. That is ABSURD.
I’m extremely frustrated
1 Comment Add a comment
This is one of the best points
-
Do you use Greasemonkey? You might find this Greasemonkey script helpful.
EMPLOYEE
