Home page logo

basics logo Security Basics mailing list archives

Re: Webmail authentication
From: Brian Bruns <bruns () 2mbit com>
Date: Thu, 19 Dec 2002 13:08:15 -0500

At 12:28 PM 12/18/02 -0800, David Brown wrote:
My company is working on a webmail implementation, which requires that the
user >authenticate to an NT domain.  Regardless of the authentication
method, there is >always an option in the login dialog to 'Save this
password in your password >list', which seems to be browser driven.  I
don't want my user population saving >their passwords to various computers
all over the world.  Does anyone have a >clue how to remove or disable this

Have the login actually occour on the page and not via the popup would be
the easiest.  IIRC, Squirrel mail had come up with a method to prevent
password saving by changing the username and password box on the login
screen to different  name values.

I'll look it up though and post a follow up...

Brian Bruns
Founder, The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
ICQ: 8077511

No spam tolerated.  By sending an e-mail to this account, your
server may be subjected to an open relay/open proxy test as part
of our ongoing efforts to reduce spam.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]