Hacker News new | past | comments | ask | show | jobs | submit login

I do this stuff manually in autohotkey for flows like tabbing to the MFA app window, clicking the right place to copy the code, tabbing back into the app I'm trying to log into, clicking the right space to get to the input fields, and entering the username/password/mfa. As well as for logging onto a website where I need to enter the username, hit tab, hit enter to select "log in with password", then enter the password and hit enter again. Saves a lot of time/dealing with typos in the unnecessarily complex passwords these systems require and it's cool to watch it do it.



You store all your passwords in plain text on your machine?


Just some, which is no worse than saving them in a browser.


Chrome and Edge uses the OS' own storage mechanisms for passwords (Safari too?), and that's considerably more safe than a plain text file.

Firefox uses a weaker scheme, but the passwords are still encrypted and it's definitely less accessible for an intruder compared to a plain text file.


You can just open the browser and look at the saved passwords in the settings. A little bit harder I guess.


If you set a master password for saved logins in Firefox then passwords won't be available with a simple click, and they will be encrypted on disk.

In browsers that use the OS' password storage then they will normally be stored in encrypted form, although the browser integration is seamless so you won't notice the difference.

In both cases, there is a significant security advantage in cases where the data on disk is leaked (say, if someone steals your computer and you don't have full-disk encryption.


At least in Chrome if you want to view the passwords; it asks you for Windows account password.


Chrome now requires your machine login to do this (on Windows at least where I tested it.)




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: