G
Guest
Passwords*
Chrome draws criticism for storing passwords unprotected
- Thread starter Scorpus
- Start date
windmill007
Posts: 307 +5
I'm glad I use Firefox and it has that
Master password. Since I enabled that I feel better. I also assumed Firefox hide the passwords till I heard you have to enable the master password. Feel sorry for chrome folks. I will be getting a lot of co workers passwords now. J/k
Master password. Since I enabled that I feel better. I also assumed Firefox hide the passwords till I heard you have to enable the master password. Feel sorry for chrome folks. I will be getting a lot of co workers passwords now. J/k
This is why you get LastPass with two-way authentication. People who save their passwords and expect protection is like turning off all the lights and leaving your house for a month.
G
Guest
To be clear, Chrome only caches passwords for sites if YOU LET IT. Encrypted or not, anyone who would browse to that site with your browser would be allowed in due to the cached password. So, to be clear, caching passwords using any browser is still NOT SECURE.
Locking out your computer isn't adequate whatsoever either; any half-baked IT person can grab your Windows, OS X or Linux passwords in minutes with readily available free software.
The bottom line is that you should use LastPass or any other similar quality service if you have a lot of passwords that you need convenient but secure access to.
Locking out your computer isn't adequate whatsoever either; any half-baked IT person can grab your Windows, OS X or Linux passwords in minutes with readily available free software.
The bottom line is that you should use LastPass or any other similar quality service if you have a lot of passwords that you need convenient but secure access to.
G
Guest
Yes... smug levels are so high they're toxic. Look, security isn't about 'secure' and 'insecure', it's about more or less secure. It's true that with physical access to your computer a trained person can, with sufficient time, do anything they want. The key issues are the skill level of the intruder, and the time available. Most intruders wont be very skilled, and /or they wont have much time. Chrome's approach is just incredibly sloppy. With virtually no skill, and in no time, someone can grab a list of your passwords to take away and have fun with in their own time. The average user would expect that some kind of effort is made to protect their passwords, and they are entirely right to do so. They don't expect it to withstand an attack from the NSA, just make it harder for a jealous girlfriend / boyfriend to steal their Facebook password so they can go away and monitor all their private messages.... I get asked to do this for people a lot, by the way.
avoidz
Posts: 461 +59
I think it's being called human.
G
Guest
A head of security who says "it's by design" is not someone I'd like as head of security. This is ridiculous. It's true that if your account is compromised, you are in trouble, but security isn't always about always locking out the intruder with a single layer of security. Security comes in several layers. Even if the hacker manages to get into the account, you might be able to reduce the damage with further security measures. The fact that a head of security cannot understand this worries me.
As for storing passwords... actually, it's much safer than remembering your passwords because you can have a different password for every site and it can be as long and complex as possible - to the point where you can't remember it. By doing that, you are rendering it useless for hackers to try to crack your password. Otherwise, chances are you have easy to remember passwords - and only a few - to protect all your sites/accounts. Not safe.
As for storing passwords... actually, it's much safer than remembering your passwords because you can have a different password for every site and it can be as long and complex as possible - to the point where you can't remember it. By doing that, you are rendering it useless for hackers to try to crack your password. Otherwise, chances are you have easy to remember passwords - and only a few - to protect all your sites/accounts. Not safe.
G
Guest
Why all the sudden concern over this? Why is this so called news everywhere. The way the passwords are stored is NOTHING NEW. All of the sudden this is so called news everywhere you look on tech pages. If someone breaks into your home or office and steals your computer, or uses your computer, then change all your passwords. Options are many: don't save passwords, save to KeePass or use Internet LastPass, or password protect your computer ( yea, won't keep the pros out ). I use Firefox which has a Master Password -- so does Safari. Chrome is a good browser though - fast.
ViperSniper2
Posts: 49 +2
Oh gee.... by golly wow holly smokums. My grandma and 3yro, who don't have any better memory than I do, might actually be able to remember the over 50 passwords and sites respectively and access my Techspot Password! .....I'm so afraid with passwords like $23VY6k9G$c!90OrK. that I can't remember myself. So that's why I use a Password Tool or on my HP Laptop Fingerprint Recognition! ;-P
So what's going to happen when Motorola comes out with NFC Tag Password Pills? o_O And in Linux I'm really messed up because this Chrome Password revelation can all be exposed simply by finding out my unique keyring access phrase when I log on. Oh My Word, the calamity of it all if somehow my grandma was peaking over my shoulder or maybe even used my Security Camera to crack that code!!!! ^_^ ........... I mean I just know she or my son are Secret Sleeper SPIES of some kind or worse Aliens or teh SKYNET!!!! ;-P
BTW.... Cold Hard Facts of the matter, if we have to worry about someone in our own house taking advantage of us by accessing our Techspot Account or any other online account, we all need to crawl in a hole and just die. This is beyond ludicrous and why UNIX is DEAD outside of business, super computers or government. Suddenly you'd be treating everyone you let in your door like a criminal. Which is totally absurd and is better suited for Drug Addicts Protecting their stash or imagining the Comet on the counter is a line of Meth!!! lol..... Sensationalistic Hater Journalism at it's Finest!!!
So what's going to happen when Motorola comes out with NFC Tag Password Pills? o_O And in Linux I'm really messed up because this Chrome Password revelation can all be exposed simply by finding out my unique keyring access phrase when I log on. Oh My Word, the calamity of it all if somehow my grandma was peaking over my shoulder or maybe even used my Security Camera to crack that code!!!! ^_^ ........... I mean I just know she or my son are Secret Sleeper SPIES of some kind or worse Aliens or teh SKYNET!!!! ;-P
BTW.... Cold Hard Facts of the matter, if we have to worry about someone in our own house taking advantage of us by accessing our Techspot Account or any other online account, we all need to crawl in a hole and just die. This is beyond ludicrous and why UNIX is DEAD outside of business, super computers or government. Suddenly you'd be treating everyone you let in your door like a criminal. Which is totally absurd and is better suited for Drug Addicts Protecting their stash or imagining the Comet on the counter is a line of Meth!!! lol..... Sensationalistic Hater Journalism at it's Finest!!!
Similar threads
