Holding password in javascript variable - security implications?

Question

Does holding a user\'s password in a javascript variable in the browser expose any specific security vulnerabilities, over and above the usual security vulnerabilities of a

Answer 1

Leaving the password in a variable leaves it open to people to access simply in their browser tools! lets say the function called when the store password button is pressed, stores the password in a variable called password. Even if this variable is not used on the page at all after that, simply handled later on somewhere in the code, all one has to do is open up the developer tools in their browser, add in a statement like alert(password); , and Bam, the password literally pops up infront of them.

Admitedly, any code simple enough to let someone do that is probably unworthy of being on the web, and even less worthy of being meddled with, but I guess it's a lesson in how vunerable we really are.