[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: lynx-dev ftp://user:address@hidden too much unencripted info

From: Klaus Weide
Subject: Re: lynx-dev ftp://user:address@hidden too much unencripted info
Date: Mon, 8 Nov 1999 16:40:22 -0600 (CST)

On Mon, 8 Nov 1999, Philip Webb wrote:

> 991108 Leonid Pauzner & Klaus Weide discussed:
> LP> When I start with ftp://user:address@hidden
> LP>                             ^^^^^^
> LP> I see that prefix with username and password unencripted
> LP> for all URLs shown from lynx: in Advanced mode statusline
> LP> while navigating across directories; in History/VisitedLinks/Info
> KW> Using a password in a URL is so hopelessly bad
> KW> I wouldn't bother trying to hide it.
> KW> Don't give the impression you can make it more invisible
> KW> unless you really can make it disappear from *all* places that matter.
> KW> If you only strip it out in some obvious places,
> KW> you are just misleading the user to *think* it is hidden.
> IOW "Traffic conditions & speeding on this road are so bad
> you shouldn't put a pedestrian crossing there
> because people might get hurt using it:
> they should just stay on their own side of the road".
> pessimistic fatalism?  fatal pessimism?

To stay in your picture: There are already overpasses that have been
built so people can cross that road safely, and they are accessible
by everyone (don't put the password into the URL, be prompted for it).


reply via email to

[Prev in Thread] Current Thread [Next in Thread]