JavaScript can display passwords in plain text. The password fields in HTML forms display your password as asterisks but the actual value is still just plain text as this simple bookmarklet that retrieves the content and displays it in an alert illustrates. Of course someone would need to have direct access to your computer in order to be able to run the bookmarklet but in some instances there may even be a legitimate reason to do so.
Comments
No comments yet. Leave a Comment