Very interesting find, and I can confirm the same thing happens in IE6. I can reproduce it by placing the cursor at the beginning of a password typed in like "1234 56789 0ABCDE FGHIJK" and then using CTRL+RIGHTARROW to move through the asterisks just as if the spaces were there. (CTRL+RIGHTARROW in some applications like IE will move you to the next 'word' in a textbox.) This can come in handy when I typo part of a password and don't want to retype it all, but this does have some slight security implications.

-Mattie!

Mattie Casper
http://me.mattie.net

----- Original Message -----
From: "Jon Embury" <jon.embury@f1solutions.com.au>
To: <bugtraq@securityfocus.com>
Sent: Tuesday, November 20, 2001 3:28 PM
Subject: MS IE Password inputs

> Just something I've noticed on IE 4 & 5.5
>
> If you enter a password that contains a mix of non-alphabetic and alphabetic
> characters to an MS IE password input and then use the keyboard to select it
> while holding down tab the cursor / selected region jumps between the
> non-alphabetic characters in exactly the same manner as it does when you
> apply the same technique in word, Interdev, vb etc.
>
> It doesn't reveal the password, but it would seem to reveal at least some of
> the structure.
>
> Eg
>
> 1 2 3 4 5
>
>
> Jon Embury
> Developer, F1 Solutions
> www.f1solutions.com.au
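
Added example, not part of either message: a small JavaScript model of the behaviour discussed in this thread, showing which positions of a masked password word-wise caret movement gives away, next to a field that treats its content as a single word. The word rule (stops only after whitespace) and all function names are assumptions made for the illustration; real word-break rules also react to other non-alphabetic characters, as the original report notes.

```javascript
// Added illustration; not code from the original thread.
// ASSUMPTION: simplified word rule - Ctrl+Right stops at the start of the
// next run of non-whitespace characters, or at the end of the text.
function wordStops(text) {
  const stops = [];
  for (let i = 1; i < text.length; i++) {
    if (/\s/.test(text[i - 1]) && !/\s/.test(text[i])) stops.push(i);
  }
  stops.push(text.length);
  return stops;
}

// What someone who sees only the asterisks and the caret stops can infer:
// '_' = known whitespace, 'x' = known non-whitespace, '?' = not determined.
function inferredMask(length, stops) {
  const mask = Array(length).fill('?');
  for (const s of stops) {
    if (s < length) {
      mask[s - 1] = '_';
      mask[s] = 'x';
    }
  }
  return mask.join('');
}

// Mitigation sketch: a masked field treats its whole content as one word,
// so word-wise movement only ever reaches the end of the field.
function maskedFieldStops(text) {
  return [text.length];
}

// Constructed sample: the password quoted in the reply above.
const sample = "1234 56789 0ABCDE FGHIJK";

function demo() {
  const leaky = wordStops(sample);
  const hardened = maskedFieldStops(sample);
  return {
    leakyStops: leaky,
    leakedMask: inferredMask(sample.length, leaky),
    hardenedStops: hardened,
    hardenedMask: inferredMask(sample.length, hardened),
  };
}

console.log(demo());
```

With the single-word rule the mask stays all '?', so the caret discloses nothing beyond the field length that the asterisks already show.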