Email security when logging in from someone else's computer
by DBM01 - 4/11/12 1:14 AM
Lets say a person P logs in to his gmail account from a computer Q which is either a public computer or someone else's computer. He forgets to enable private browsing. He realizes this later but he no longer has access to the computer Q. He changes his password to prevent further access but there may have been a few hours or days when his password was available on Q's browser.
Now, I can think of two kinds of commonly used software that download web-based email to a computer. The first is an email client such as Outlook and the other is Google Desktop (for gmail only). In both these cases, one needs to configure the software for accessing email by specifically providing one's login and password.
Now lets say the computer Q has Google Desktop as well as an email client such as Outlook. Is it possible that the settings in Google Desktop/Outlook are such that the login/password are automatically imported from the browser and emails downloaded until P actually changes his password. To my knowledge, this cannot happen but I would like to know the opinion of the experts here.
Note that I am not talking about any malicious software in the computer Q that records keystrokes or imports passwords. Nor am I talking about the possibility of another person using the passwords stored in Q's browser to access P's gmail account.
While both these are real possibilities, my question is restricted to legitimate settings in software such as Outlook and Google Desktop, which enable them to automatically import logins/passwords from a browser, as and when a user saves them in the browser, and download emails from the user's gmail account.