Web Analytics Accidentally Collecting Passwords(freshpaint.io)
freshpaint.io
Web Analytics Accidentally Collecting Passwords
https://www.freshpaint.io/blog/rudderstack-collecting-passwords
8 comments
Have you ever accidentally typed your password into the username field and pressed enter? Now it is in some log somewhere.
Like Microsoft windows Recall maybe
https://support.microsoft.com/en-us/windows/retrace-your-ste...
https://support.microsoft.com/en-us/windows/retrace-your-ste...
Seems to have been memory holed: https://web.archive.org/web/20250128092802/https://www.fresh...
I honestly can’t decide what I hate more: the fact that secret values can just be accessed by any JS on the page or that people keep using telemetry libraries and services. Probably the latter, but I am honestly not sure.
A tale as old as time. Medical records, passwords, private comms... Why even pretend it's a bug and not a feature at this point?
super sketchy that they chose to remove it seemingly knowing it was necessary...
[2020]
page 404ing?