I’m in the midst of building myself a Magento website these days, and I ran into a peculiar situation. I was filling out a form in the admin panel of my local Magento installation on Chrome, when it suddenly gave me a drop-down menu with suggested items. The thing is, these suggestions were stuff I typed into a different Magento website I built more than a year ago, and on a different PC. The fact that it remembers data for so long and transfers it from one PC I use to another, can be seen as a feature… I understand that. What I can’t regard a feature is that it’s a different installation of Magento using a different URL, but it still remembered the values I typed into the same fields in the admin panel.
This is far more than just an annoyance. Both admin panels are password protected and Magento admin panels sometimes hold credit card information (though it’s not a best practice). It’s crucial that nobody unauthorized would have access to this data. I repeat that these installations were sitting on different locations with different URLs. Now imagine a company that manages several Magento websites. If a certain employee only has authorization on one of those websites, he can still view values typed into fields on other installations that run from that particular browser, as long as someone is signed in with his Google account. These are the kind of security loopholes people can use to steal sensitive information from companies they work for.
I’m moving to Firefox.| Google Chrome remembers stuff I type into forms even when I’m not on the same URL. This is such an easy loophole I can’t imagine someone isn’t taking advantage of it already. I’m moving to Firefox.