Web lists-archives.com

Re: Password Manager opinions and recommendations




On Mon, 26 Mar 2018 17:38:33 -0400
rhkramer@xxxxxxxxx wrote:

>
> > > 
> > > Yes, at least I think so, unless there is some standard for how
> > > to handle passwords (including changing them) on websites.  I
> > > suspect that there isn't. There may be some commonality in
> > > websites generated by a common website "generator" (one of those
> > > packages that help you create a website--I think they exist, but
> > > I've never used one--maybe Drupal is an example?  
> > 
> > The standard exists. You change your password via the website. Then
> > you inform your password manager of the change.  
> 
> Ok, but that's not the kind of standard I was hoping for--I was
> hoping for a (standard) programmatic way of changing the password on
> a website, which, being programmatic, could be initiated by the
> password manager.
> 

Unless such a thing is a library function in JavaScript, then no
commercial website will contain it...

More seriously, I doubt that such a thing exists, it would be like the
backdoor in OpenSSL, an absolutely disastrous idea. Websites tend to
store password data (sometimes in plain text!) insecurely enough as it
is. 

Also, many websites where security is a big issue do try to ensure that
logins can't be made by computer.

-- 
Joe