Windows 10 reached EOS (end of support) on October 14, 2025. If you are on Windows 10, see this article.

Avatar for Username

Pomoc pśepytaś

Glědajśo se wobšudy pomocy. Njenapominajomy was nigda, telefonowy numer zawołaś, SMS pósłaś abo wósobinske informacije pśeraźiś. Pšosym dajśo suspektnu aktiwitu z pomocu nastajenja „Znjewužywanje k wěsći daś“ k wěsći.

Dalšne informacije

Toś ta nitka jo se archiwěrowała. Pšosym stajśo nowe pšašanje, joli trjebaśo pomoc.

Add-In Permissions

  • 2 wótegronje
  • 0 ma toś ten problem
  • 424 naglědow
  • Slědne wótegrono wót pabsfx-config
  • Archiwěrowany

pabsfx-config
pabsfx-config

One of the add-in permissions is "Access your data for sites in the “named” domain". I looked at that and thought, "That certainly cannot include passwords"; BUT the explanation for this permission is: "The extension could read the content of web pages you visit in the specified domain, as well as data you enter into those web pages, such as usernames and passwords. "

I was stunned.

That means that addins that get this permission have access to my banking/medical/etc. usernames & passwords. This is not acceptable. Can a permission be developed that would be: "Access your data for sites in the “named” domain" (except usernames/passwords).

The permission "Access your data for all websites" is significantly worse in that it applies to all sites.

One of the add-in permissions is "Access your data for sites in the “named” domain". I looked at that and thought, "That certainly cannot include passwords"; BUT the explanation for this permission is: "The extension could read the content of web pages you visit in the specified domain, as well as data you enter into those web pages, such as usernames and passwords. " I was stunned. That means that addins that get this permission have access to my banking/medical/etc. usernames & passwords. This is not acceptable. Can a permission be developed that would be: "Access your data for sites in the “named” domain" (except usernames/passwords). The permission "Access your data for all websites" is significantly worse in that it applies to all sites.

Wšykne wótegrona (2)

TyDraniu
TyDraniu
  • Top 10 Contributor

This is a precaution. It doesn't mean that this add-on actually reads your passwords or it could send this data anywhere.

pabsfx-config
pabsfx-config Pšašaŕ

The add-on does not necessarily ACTUALLY read the username and password, but does that permission mean that the add-in COULD read the username and password ? If so, is there a way to raise a warning if it does?