My computer remembers my passwords for some sites. That’s good, because I don’t have to type them in. On the other hand, sometimes I forget them. (I tend to use different passwords instead of the same one over and over.) Some sites will give me a hint and/or email me my password. Other sites require that I provide a new password. I don’t like that.
Is there a way to see the password that my computer is storing for a website? I’m using OS X 10.9.5 and Safari 9.0.1.
The browser may be storing it, in which case you want to go to Preferences… → Passwords tab and click the “Show Passwords for Selected Sites” box.
Alternatively, the OS might be storing it (they overlap somewhat), in which case you want to run “KeyChain Access” (in your /Applications/Utilities folder), which can show you your stored passwords. K.A. is a little bit of a mess–it has a whole bunch of different functions, many of them complicated–but poke around in it for a while and you’ll probably see what you need.
My bold. This makes me sad. It means the site is storing your password in plain text, which is wrong on many levels. I’m a security guy, and one time an organization that issues information security credentials emailed me my password in plain text. Kind of killed whatever credibility they may have had (which honestly wasn’t much to begin with).
While we’re on the subject, it’s annoying that all the browsers I’m using just store usernames and passwords as a one-to-one mapping across all sites.
So, say two web pages require my user name to be my email address. I use the same e-mail account for both but (rightly) decide to use a different password.
Since the browser can only map one user name to one password it’s constantly filling in the wrong password and/or asking me to update the reference.
It might be because I’m using older versions of Chrome / Firefox / Opera / IE…if one of the updates fixes that, that might actually be worth updating for…
When I’m King, one of my first acts will be the “passwords are a SEQUENCES OF KEY PRESSES, and the state of caps/lock (or shift except as a key that can be pressed in the sequence) should be irrelevant under pain of death” law.
Seriously, it’s 2016 and we’re still rejecting passwords because of caps lock being down?
Mijin, Firefox has stored passwords separately for separate sites for ages now. It also no longer asks you if you want to change the stored password until after it submits it to the site so you can see if it worked. I expect all modern browsers do this, too, but I don’t have experience with them.
But, but, Sire, the keys I press are vastly different between my desktop PC, my Surface tablet, my Android tablet and my phone. And each of these has French and English keyboard layouts installed. On Windows, the # symbol is Shift-3 in English but has its own unshifted key in French. It’ll never fly, Sire.
What pisses me off is the various password-making “rules” that exist across sites. Some require at least one uppercase. Some don’t. Some need a number. Some don’t. Some need a special character/punctuation. Some need a special character, but only from a small subset of special characters. Some just used to reject any special character at all. It drives me batty.