Announcement

Collapse
No announcement yet.
X
Collapse
  • Page of 1
  • Filter
  • Time
Clear All
new posts
Previous template Next
    #1

    Password Stored in RAM memory in clear text

    The request on the login page containing the username and password of the user is also stored in the browser's memory can be read with the use of memory reading tools .So if a user left his browser window open after
    logout, an adversary can steal the password from the memory.
    Tags: None
    #2
    The login page of our application is build using the smartclient libraries(jars) and we see the login page information is stored browser's memory.We are using SmartClient version v100p_2017-03-16_Enterprise.

    Comment

      #3
      As with your other, similar thread posted recently, SmartClient does not impose any particular method logging in, so we do not do anything that would force the password to remain in browser memory.

      Comment

      Previous template Next
      Working...
      X