People who go through my real life training sessions often hear me warn as a “default behavior” to uncheck the “Save Password” box on the Second Life login screen. This is especially important in the open labs, and it is a bug, not a feature as far as I’m concerned, that the actual default is to have it checked.
Here’s yet another reason not to save it, even on your own computer: GNUCitizen points out a very easy way that a knowledgeable person could get your Second Life credentials. I’m handy with computers, but not a true geek. I will admit that I don’t understand how to do this, but I know enough to realize that with a little backgrounding even I could figure out how to apply this. I suspect it is a no-brainer to a real geek, and that would be about the only protection other than refraining from leaving your password stored in the SL client–you have to depend on real hackers to find such an approach too boring and unchallenging.
You don’t have to understand it to get the point: your stored password isn’t safe.
It’s much safer to just not save the password in the first place.
