Web Browser Passview export

A

A/CPC

Member
Reaction score
34
Location
U.S.
I have a client who never keeps track of his passwords. He lets Firefox remember them. I just set up a new system for him and recovered 135 of his pws from the old system using Nirsoft's wbpv. The most functional export is via the View Menu: View/HTML Report.

This creates a very useable table report in .htm format that opens with Firefox and can be searched quickly and easily using FF's ctrl+F find function.

When he goes to the site, he can just open the wbpv report.htm in FF, search for the site (i.e., typing face will take him straight to the www-dot-facebook-dot-com entry). Copy and paste his username, allow the browser to remember (he'll accept nothing else and I've learned to let it go...) and he's good to go.

I guess the question is: Is this a secure method to allow him to restore his pws as needed? Could the htm file somehow 'leak' info? If so, is there some way this could be managed? I don't see a way to create an outbound rule for an individual file in WFW.

Thanks for any ideas!
 
You could transfer the FF profile from the old installation to the new, which will bring all his passwords with it. Alternatively, there are FF add-ons to export/import the password database.

Or get him on Lastpass, which will import from browsers and can be used (synchronised) from either machine.

Having a plain-text on-disk list of passwords is fundamentally a bad idea and gives the wrong message to the client, imo.
 
NJW said:
You could transfer the FF profile from the old installation to the new, which will bring all his passwords with it. Alternatively, there are FF add-ons to export/import the password database.

Or get him on Lastpass, which will import from browsers and can be used (synchronised) from either machine.

Having a plain-text on-disk list of passwords is fundamentally a bad idea and gives the wrong message to the client, imo.
Click to expand...
Upvote for Last Pass.
 
Thanks for your responses, and apologies for the delay in returning. It's been that kind of week :eek:. I guess the real issue was my unfamiliarity with nirsoft's wbpv. After getting up to speed, I exported to csv and imported to the open source Password Safe (an excellent program). The import was perfectly formatted and will allow him to easily search, find and copy his usernames and pws for pasting iinto logins. And, of course, it encrypts the entered data and requires only that he remember the PW Safe password.

@NJW: I also copied his profile over, but all of his site passwords weren't 'remembered' (by his choosing, I would guess). Between the profile copy and PWS, he should be nicely covered.

@citizensmith: I find that not only are most people 'leaking' info, they are 'oozing' it (if someone cares to snag it). The jarring revelation here is that they don't care and don't really want to hear about it. I guess the strategy has to be that they be informed, if only to allow it to ring in their ears later. Sometimes hard experience is the only teacher.

Again, thanks to all for the comments.
 
You must log in or register to reply here.

Similar threads

Velvis
Question about cyber insurance
Replies
1
Views
865
HCHTech
HCHTech
Velvis
Ubiquiti question
Replies
16
Views
1K
Velvis
Velvis
Velvis
Client done with HP printers
Replies
16
Views
728
timeshifter
timeshifter
Velvis
Weird Email Issue with Verio.com
Replies
1
Views
555
seashore
seashore
britechguy
How Image Transparency is Represented by File Explorer and in Image Editors
Replies
2
Views
450
HCHTech
HCHTech
Back
Top