Saved password in the browser memory of Google Chrome

After logging in and out of my application, I noticed that my username and password are stored in the Chrome browser memory. Recently, I created a dump file from the task manager for a specific process ID and used the WinHex tool to search for the username or password field. To my surprise, I found my password displayed in plain text. Now, I am looking for a way to encrypt or clear this password field for enhanced security.

function onLogin(btnName) {
    var parameters = getFormValues();

    //if (!validateParameter(parameters.userName, parameters.password))
    //    return;

    $.ajaxSetup({
        beforeSend: function (xhr) {
            xhr.setRequestHeader(parameters.antiForgeryTokenName, parameters.antiForgeryToken);
        }
    });

    var getSecuritySettingsUrl = getVirtualDirectoryUpdatedURL("/login/GetSecuritySettings");
    
    $.ajax({
        url: getSecuritySettingsUrl,
        type: "GET",
        contentType: 'application/json; charset=utf-8',
        success: function (result) {
            try {
                var response;
                if (result.IsHashed) {
                    var decryptedData = decryptWithDefaultSetting(result.viewData);
                    if (decryptedData.isError) {
                        alert(decryptedData.result);
                        return;
                    }
                    response = JSON.parse(decryptedData.result);
                }
                else {
                    response = JSON.parse(result.viewData);
                }

                if (response.IsPasswordHashed) {
                    if (isNullOrUndefined(response.SaltText)) {
                        throw new Error("Please refresh the page and try again");
                    }
                    encriptPass = encryptByInputKey(parameters.form["Password"].value, response.SaltText).result;
                }
                $('#btnType').val(btnName);
                $('form input[name="Password"]').val(encriptPass);
                $('#loginForm').submit();
            } catch (error) {
                console.log(error);
                if (!isNullOrUndefined(error)) {
                    if (!isNullOrUndefined(error.message)) {
                        alert(error.message);
                    }
                    else if (!isNullOrUndefined(error.Message)) {
                        alert(error.Message);
                    }
                    else {
                        alert("Some error has occurred. Please refresh the page and try again");
                    }
                }
            }
        },
        error: function (xhr, textStatus, error) {
            console.log(xhr);
            alert("Please refresh the page and try again : " + xhr.statusText);
        }
    });
}

javascriptsecuritychromium

Answer №1

Previously, I tackled this issue by adding salt to the user's password input, hashing it in the frontend, and sending both the salted value and hash to the server for authentication. It is crucial to apply the same salt during the server-side validation of passwords.

Similar questions

If you have not found the answer to your question or you are interested in this topic, then look at other similar questions below or use the search

Tips for customizing the time selector in material-ui-time-picker

Is there a way to enable keyboard input control for the material-ui-time-picker? Currently, it only allows editing when clicking on the clock interface. Here is a snippet of my code: import React, { Component } from "react"; import { TimePicker } from " ...

javascriptreactjsmaterial-uitimepicker

How to utilize AJAX in jQuery to retrieve data from an external URL

Seeking a solution to call an external URL that returns JSON response without success on my development server. After exploring various resources like this and this post, I have tried multiple approaches. Currently, the code I am using looks like this: $( ...

javascriptjqueryhtml

Tips on displaying a confirmation box when the page is refreshed or closed

I need to implement a confirmation box for users who try to close the window without saving the content of a textarea within a form. Here is the code I currently have: var myEvent = window.attachEvent || window.addEventListener; var chkevent = window.att ...

javascriptjqueryhtml

Tips for aligning the dropdown menu to start from the border of the menu bar instead of displaying directly below the text

I have designed a menu-header section for my website, inspired by this image. I created a fiddle to showcase it. However, I am facing an issue where the dropdown elements for "PROGRAMS" and "WORLD OF NORTHMAN" should start from the border of the header ins ...

javascriptjqueryhtmlcss

The animation only applies to the initial item in ngRepeat

After implementing async data loading in my application, I noticed that NgRepeat only animates the first element in an array. Check out the example on jsFiddle Here is the HTML code snippet: <div ng-repeat="x in data"></div> And here is the ...

javascriptangularjs

Utilize separate CSS files in React components for better organization

Hello, I have encountered an issue with splitting my components and using react-router-dom. I decided to split the CSS for each component, such as Main.jsx - Main.css and CustomerBase.jsx - customerbase.css. However, the problem I am facing is that the CSS ...

javascriptcssreactjsreact-router-dom

When a function is transferred from a parent component to a child component's Input() property, losing context is a common issue

I have encountered an issue while passing a function from the parent component to the child component's Input() property. The problem arises when the parent's function is called within the child component, causing the this keyword to refer to th ...

javascriptangulartypescriptthis

How can the Header of a get-request for an npm module be modified?

Currently, I am utilizing an npm module to perform an API request: const api_req = require('my-npm-module-that-makes-an-api-request'); However, I am seeking a way to modify the user-agent used for requests generated internally by the npm module ...

javascriptnpmgethttp-headersspoofing

Encountering issues with adding/updating meta tags in angular5

Here’s the code I’m using to dynamically add or update meta tags in Angular 5: import { Title ,Meta} from '@angular/platform-browser'; constructor( private meta:Meta) { this.meta.addTags([ {name: 'description', conte ...

javascriptangularangular5

Best practices for distinguishing between template and style for mobile and desktop in Angular 2 components

Creating templates for mobile and desktop requires unique designs, but both share common components. To ensure optimal display on various devices, I plan to store separate templates and designs for mobile and desktop in distinct files. The goal is to inc ...

javascriptangulartypescriptresponsive-designfrontend

Troubleshooting: Issue with XMLHTTPrequest functionality

I am attempting to make a request to a service using two different methods 1) Using XMLHTTPRequest -> Currently not functioning correctly Error message: JSON.parse unexpected end of data in line 1 col 1 function createCORSRequest(method, url) { ...

javascriptjqueryajaxcors

When encountering error code EINTEGRITY during npm installation, a warning about a potentially corrupted tarball may be displayed

I have been facing an issue for the last three days with my react+vite project on Windows 10. Whenever I attempt to install dependencies using npm install, I encounter the following error: npm WARN tarball tarball data for fast-levenshtein@https://registry ...

javascriptreactjsnode.jsnpmnode-modules

Adding row numbers to a table generated by a JQuery DataTable with server-side data source can be achieved by implementing a custom function

Utilizing JQuery and DataTable to display data, I am unable to add row numbers to the grid generated on the client-side. Below is a snippet of my code: HTML <table id="applications_list" class="table table-bordered datagrid"> <thead> ...

javascriptjquerydatatable

Click the button to increase the counter up to 2, and then decrease it back to 0 starting from 2

I'm struggling to implement this efficiently. My count keeps incrementing and decrementing by 1, causing me to get stuck at the value of 1 without going back down to zero. using react: jsfiddle The counter increases from 0 to 2 when onClick() is tri ...

javascriptreactjs

The execution of Ajax is not taking place

Hey, I'm facing an issue with AJAX in my project. It's working fine in other files, but for this specific instance where I call scripts/claim.php and pass an id parameter via GET, it's not functioning as expected. HTML <input type="hidd ...

phpjavascripthtmlajax

Save a callback function as a variable and execute it independently from the higher-order function

I am trying to assign a callback function to a component variable... For example: ... export class MyComponent { private myCompVar: any; myFunc = function(callback: (number) => void): void { this.myCompVar = callback; ...

javascripttypescriptangular

How can I protect a PHP file containing AJAX functions being accessed by jQuery?

There is a PHP file with AJAX functions that do not require authentication located in the directory. ('config/ajax.php') I am looking to increase security measures and prevent unauthorized access to the data returned by these functions. Is ...

phpajaxsecurityauthentication

Achieve the hidden div scroll effect in React by initially hiding the div and then allowing

I am currently working on a web chat application using next.js. One of the features is an emoji picker button that, when clicked, displays a menu of emojis. The issue I am facing is that in order for the user to see the emoji menu, they have to scroll down ...

javascriptcssreactjsnext.js

Getting the result from a JavaScript request, whether it's synchronous or asynchronous

This code snippet involves a function that starts with a synchronous comparison test == 0. If the comparison is true, it returns one piece of content; however, if it's not, an asynchronous request is made. The goal here is for the latter part to retur ...

javascriptjqueryajaxasynchronous

Outputting PHP variables in JavaScript is a common practice used to pass

I am struggling to use a variable in my JavaScript code. I have attempted a few methods but none seem to work. The variable I need to include in the JavaScript is option-<?php echo $option['product_option_id']; ?> Below is my current Java ...

phpjavascriptjqueryvariablesecho