Where are passwords stored?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts
  • Dave2002
    Full Member
    • Dec 2010
    • 18034

    Where are passwords stored?

    I recently had to change a password in order to access Youtube - or at least set up a peronalised list of videos to watch.

    As Youtube is owned by Google I think I actually changed my Google and gmail password - though I'm not absolutely sure.

    I also found that if I use the Vivaldi browser, instead of my usual Firefox, I can watch Youtube videos without adverts - or so I believe.
    This seems to work.

    An option to save a password appeared recently - which made me wonder - "Where is it saved?".

    In days gone by that would have been fairly obvious - somewhere on my machine. Nowadays things seem to be more complicated.

    Are passwords stored locally, or in some cloud (for those who use such things), or somewhere that each browser knows about? If they are browser specific then there may need to be copies for each browser, but if they are OS specific then presumably each browser has access to the same passwords.

    I know that Apple would like to store all the passwords I have, and probably do so on a remote site in some far flung outpost.
    I trust Apple about as much as - well - I won't give a comparison right now. Just let's say that I don't want all my passwords to be stored on any remote servers where they are not needed.
  • french frank
    Administrator/Moderator
    • Feb 2007
    • 30448

    #2
    Originally posted by Dave2002 View Post
    An option to save a password appeared recently - which made me wonder - "Where is it saved?".
    Deleted my answer as it doesn't really answer the question
    Last edited by french frank; 12-08-21, 10:26.
    It isn't given us to know those rare moments when people are wide open and the lightest touch can wither or heal. A moment too late and we can never reach them any more in this world.

    Comment

    • AuntDaisy
      Host
      • Jun 2018
      • 1751

      #3
      Originally posted by Dave2002 View Post
      I recently had to change a password in order to access Youtube - or at least set up a peronalised list of videos to watch.

      As Youtube is owned by Google I think I actually changed my Google and gmail password - though I'm not absolutely sure.

      I also found that if I use the Vivaldi browser, instead of my usual Firefox, I can watch Youtube videos without adverts - or so I believe.
      This seems to work.

      An option to save a password appeared recently - which made me wonder - "Where is it saved?".

      In days gone by that would have been fairly obvious - somewhere on my machine. Nowadays things seem to be more complicated.

      Are passwords stored locally, or in some cloud (for those who use such things), or somewhere that each browser knows about? If they are browser specific then there may need to be copies for each browser, but if they are OS specific then presumably each browser has access to the same passwords.

      I know that Apple would like to store all the passwords I have, and probably do so on a remote site in some far flung outpost.
      I trust Apple about as much as - well - I won't give a comparison right now. Just let's say that I don't want all my passwords to be stored on any remote servers where they are not needed.
      I think this Vivaldi page explains it:
      When you enter a new password on a website, Vivaldi will ask to save it. That’s because Vivaldi has support for managing passwords. Find out how that works here

      "By default, Vivaldi will ask to save new passwords you enter on a website. When you say “yes”, your passwords will be stored locally on your computer."

      It then goes on to say that with "Sync" enabled (so your multitudinous other devices can also have the passwords), "In addition to the local copies, the Sync server stores its own copy of each password, encrypted by the Sync encryption key."

      More information here https://help.vivaldi.com/desktop/pri...rd-management/

      P.S. I don't use Vivaldi, but might give it a try.

      Comment

      • Bryn
        Banned
        • Mar 2007
        • 24688

        #4
        Originally posted by AuntDaisy View Post
        I think this Vivaldi page explains it:
        When you enter a new password on a website, Vivaldi will ask to save it. That’s because Vivaldi has support for managing passwords. Find out how that works here

        "By default, Vivaldi will ask to save new passwords you enter on a website. When you say “yes”, your passwords will be stored locally on your computer."

        It then goes on to say that with "Sync" enabled (so your multitudinous other devices can also have the passwords), "In addition to the local copies, the Sync server stores its own copy of each password, encrypted by the Sync encryption key."

        More information here https://help.vivaldi.com/desktop/pri...rd-management/

        P.S. I don't use Vivaldi, but might give it a try.
        I have it in my armoury but am so used to Firefox that I need a push to get me to move over to Vivaldi as my main browser.

        Comment

        • AuntDaisy
          Host
          • Jun 2018
          • 1751

          #5
          Originally posted by Bryn View Post
          I have it in my armoury but am so used to Firefox that I need a push to get me to move over to Vivaldi as my main browser.
          Very fond of Firefox, but the increasingly frequent update nags do annoy (esp. with updates set to manual).

          Comment

          • Dave2002
            Full Member
            • Dec 2010
            • 18034

            #6
            Originally posted by french frank View Post
            Deleted my answer as it doesn't really answer the question
            OK - though it did give just a glimmer of insight.

            I did seem to me having changed and used the password to access YouTube and used it within Vivaldi that subsequently I was still able to access YT via Firefox - albeit with the increasingly annoying adverts.

            More checks needed, but that seems to indicate that passwords are at least stored locally, within each machine. Whether that data would then leak out to other machines I can’t as yet say. Ff’s deleted post might, hopefully, suggest that it won’t, though I’ve already indicated my degree of willingness to trust Apple.

            YMMV - plus users of different OS systems, and with different configurations may discover other “features”.

            Comment

            • french frank
              Administrator/Moderator
              • Feb 2007
              • 30448

              #7
              Originally posted by Dave2002 View Post
              OK - though it did give just a glimmer of insight.
              I'm glad of that. I'm more concerned that the websites with which one registers stores the passwords as well, and they may be subject to hacking.

              Actually, what I said seems to have been confirmed by AuntDaisy's quote from Vivaldi: ""By default, Vivaldi will ask to save new passwords you enter on a website. When you say “yes”, your passwords will be stored locally on your computer." It does leave the question, Yes, but where else?
              It isn't given us to know those rare moments when people are wide open and the lightest touch can wither or heal. A moment too late and we can never reach them any more in this world.

              Comment

              • AuntDaisy
                Host
                • Jun 2018
                • 1751

                #8
                Originally posted by french frank View Post
                I'm glad of that. I'm more concerned that the websites with which one registers stores the passwords as well, and they may be subject to hacking.

                Actually, what I said seems to have been confirmed by AuntDaisy's quote from Vivaldi: ""By default, Vivaldi will ask to save new passwords you enter on a website. When you say “yes”, your passwords will be stored locally on your computer." It does leave the question, Yes, but where else?
                Now I'm eager to known what French Frank's original post contained...
                A tasty technical titbit? Something sagaciously subtle? (Where is Leonard Sachs when you need him?)

                Re. "Yes, but where else?"
                There's also - "to who(m) else?" Those nice people at Apple / Google / Microsoft / Kaspersky...

                Comment

                • french frank
                  Administrator/Moderator
                  • Feb 2007
                  • 30448

                  #9
                  Originally posted by AuntDaisy View Post
                  Now I'm eager to known what French Frank's original post contained...
                  A tasty technical titbit? Something sagaciously subtle? (Where is Leonard Sachs when you need him?)
                  I just did a test and found that a p/w stored yesterday in Firefox was on my Macbook but not this morning on my iMac, both machines synced for bookmarks; so I concluded that it was just stored on the computer from which I registered the new account.

                  Originally posted by AuntDaisy View Post
                  Re. "Yes, but where else?"
                  There's also - "to who(m) else?" Those nice people at Apple / Google / Microsoft / Kaspersky...
                  Yes. I do tend to have all my Apples in one basket and just check with (freeware) antivirus software now and again. Oh, and change my passwords fairly regularly.
                  It isn't given us to know those rare moments when people are wide open and the lightest touch can wither or heal. A moment too late and we can never reach them any more in this world.

                  Comment

                  • jayne lee wilson
                    Banned
                    • Jul 2011
                    • 10711

                    #10
                    On a Mac, Safari passwords are under:

                    Safari - Preferences - passwords

                    In Firefox:

                    Preferences - saved logins (you'll see this if you search for "passwords")...

                    Comment

                    • french frank
                      Administrator/Moderator
                      • Feb 2007
                      • 30448

                      #11
                      Originally posted by jayne lee wilson View Post
                      On a Mac, Safari passwords are under:

                      Safari - Preferences - passwords

                      In Firefox:

                      Preferences - saved logins (you'll see this if you search for "passwords")...
                      That's where they're saved in the browsers (for your convenience) but are they stored anywhere else - for other people's convenience?
                      It isn't given us to know those rare moments when people are wide open and the lightest touch can wither or heal. A moment too late and we can never reach them any more in this world.

                      Comment

                      • AuntDaisy
                        Host
                        • Jun 2018
                        • 1751

                        #12
                        Originally posted by french frank View Post
                        I just did a test and found that a p/w stored yesterday in Firefox was on my Macbook but not this morning on my iMac, both machines synced for bookmarks; so I concluded that it was just stored on the computer from which I registered the new account.

                        Yes. I do tend to have all my Apples in one basket and just check with (freeware) antivirus software now and again. Oh, and change my passwords fairly regularly.
                        I like that as a test - very nifty.

                        Apples (in lieu of a yoof-cool skull emoji).

                        Comment

                        • jayne lee wilson
                          Banned
                          • Jul 2011
                          • 10711

                          #13
                          Originally posted by french frank View Post
                          That's where they're saved in the browsers (for your convenience) but are they stored anywhere else - for other people's convenience?
                          It seems very unlikely & I've never had any evidence of that, & I wouldn't let it bother me, really.....in the browser preferences they are all encoded anyway, stay encoded when you login somewhere, and I can only see them on this mac accessed with my own passwords/codes...

                          Comment

                          • french frank
                            Administrator/Moderator
                            • Feb 2007
                            • 30448

                            #14
                            Originally posted by jayne lee wilson View Post
                            It seems very unlikely & I've never had any evidence of that, & I wouldn't let it bother me, really.....in the browser preferences they are all encoded anyway, stay encoded when you login somewhere, and I can only see them on this mac accessed with my own passwords/codes...
                            Put it this way: do you think your password for this forum is not stored somewhere, encrypted or not, in the software database? It's not visible in any way accessible to me, but to a hacker? The forum database doesn't have any important information like bank details anyway, but what about other websites for which you use a password. Is that password only in your browser? I just ask the question. I don't know what the answer is.
                            It isn't given us to know those rare moments when people are wide open and the lightest touch can wither or heal. A moment too late and we can never reach them any more in this world.

                            Comment

                            • AuntDaisy
                              Host
                              • Jun 2018
                              • 1751

                              #15
                              Originally posted by french frank View Post
                              Put it this way: do you think your password for this forum is not stored somewhere, encrypted or not, in the software database? It's not visible in any way accessible to me, but to a hacker? The forum database doesn't have any important information like bank details anyway, but what about other websites for which you use a password. Is that password only in your browser? I just ask the question. I don't know what the answer is.
                              From this VBulletin webpage, I suspect the forum passwords are (securely) hashed as "md5(md5(password) . salt)" - so the actual password isn't saved in the main forum database, just a super-condensed irreversible version that is compared against the hashed* password we type in.




                              * Hashing is just a way of converting text (or even bytes) to a number - you can go in one direction, but not the other.

                              Comment

                              Working...
                              X