LJ Juggler is an extension for Google's Chrome browser which makes it easy to switch between accounts.
It's still in the early stages, so there's a little list of things you should know about it.
- It works. The interface isn't the most convenient ever (mouse-only navigation), but it works.
It's only semi-secure. It's not plugged into a password manager, so the passwords are stored in your computer in plaintext. Someone would need physical access to your machine to get them, but you should know.
Wow. This hasn't been true since 2.0. Passwords are still not plugged into a password manager, so they're stored locally, but they're stored as hashes now, which is quite a bit more secure.
It's rather hacked together. There is one function in particular which is pretty bad for security. Logging in sends your password in the clear, which is naughty. (Ironically this is precisely what LJ does if you log in on their site, but it's still bad.)
This hasn't been true since 1.2 when we went to using HTTPS for logins, but it's even less true since 2.0 when we moved to cookie-based logins which use a hashing challenge/response security system which is pretty strong.
- It's open source. You can find the git repository over on github.
- It's a work in progress. If you're a coder, feel free to contribute, if you're not, well, feel free to toss me suggestions.
- You can get it here: install LJ Juggler.
- You can reach me at firstname.lastname@example.org.
IMPORTANT! You need to be logged out of LJ when you use LJ Juggler for the first time. This is because it doesn't know how to figure out what your current login is, so it can't switch away from it. After that first time, LJ Juggler will remember who you last logged in as, so this problem goes away.
Not true anymore. LJ Juggler is much smarter than it used to be!
Also worth noting! When you use LJ Juggler it will expire all your existing LJ sessions. This means that any other browsers which are logged in with that account will be logged out. So if you use Firefox and LJlogin, or just log in with a different browser (or from a different machine) sometimes, you'll need to log in again. Sorry it's a pain, but currently there is no simple work-around in Chrome for technical reasons.
Also not true anymore! The 2.0 version of LJ Juggler pretty much fixed all of the really ugly caveats on this page, and most of it came about due to the fact that Chrome has finally main-streamed their cookie manipulating APIs. I probably should have updated it weeks ago.
Special thanks to the LJlogin project. While I didn't end up reusing any of their (generously open-sourced) code, looking through their functions helped me figure out enough about LJ's authentication systems to get this up and running. Thanks bunches!