[wp-trac] [WordPress Trac] #33441: LastPass autofills generated password for a WP user with my account's password + other LastPass problems
WordPress Trac
noreply at wordpress.org
Wed Aug 19 18:32:10 UTC 2015
#33441: LastPass autofills generated password for a WP user with my account's
password + other LastPass problems
--------------------------------+-----------------------------
Reporter: TheLastCicada | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Users | Version: 4.3
Severity: normal | Keywords:
Focuses: ui, administration |
--------------------------------+-----------------------------
LastPass (at least using the Chrome extension) seems to really wrestle
with the user-edit.php screen in 4.3. I recorded a gif of my experience
that you can watch
[https://s3.amazonaws.com/uploads.hipchat.com/52421/362666/GZ1h3AiO2A6GGKo
/lastpass-bugs.gif here].
When editing an existing user, whenever "Generate Password" is clicked,
LastPass fills in MY user's password and never shows me the password
generated by WordPress. With LastPass on, I cannot get it to show me the
generated password instead of my own password.
In addition, LastPass fills in my account's email address and username in
the "E-Mail" and "Nickname" fields respectively. You can see all of this
in the gif linked above.
I respect that this might be more of a problem with LastPass than with
WordPress, but given the goal of the Generate Password button (to improve
user account security by making it easier to create good passwords),
having an incompatibility with a popular password manager seems to subvert
that goal. Especially since a password manager like LastPass is going to
be almost mandatory for users to be able to use truly random passwords
across all sites as we are (rightly) encouraging here.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/33441>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list