on
May 10th 2010 at 7:22 am in It happens to each and everyone of us at least every once in a while: you hit a website you only scarcely visit and you need to type your password again.
But you forgot it in the meanwhile…
Usually, you used Firefox’s “Remember my password for this site” to remember stuff *for* you. This works out, most of the time…. until you change your computer and you do not have access to the cached passwords anymore.
Likewise, simply copying the “signons.sqlite” file to the new machine will not work, the passwords are encrypted with the master password.
Luckily, I *do* still have access to the old Firefox running on the old laptop…
So, I visited the website I wanted to log into and lo and behold, it filled in the cached username and password… Firebug is an excellent tool that can help out here — find the input that contains the password field and remember its ID. Then, in the location bar, type the following, et voila, that’s your password right there:
javascript:alert( document.getElementById( 'password_field_id' ).value );
I hear you say, “there’s nothing spectaculair about this, this is a very old and known trick”. Yes, I know — all the more reason to find it ridiculous that this still works!
Amazing that such an unsafe ‘feature’ like the password field still exists nowadays.
no comments 
