Tech content trusted by users in North America and around the world
6,726 Reviews & Articles | 46,151 News Posts
TRENDING NOW: AMD's dual Fiji chip spotted as Radeon R9 Gemini, is this the Fury X2?

Chrome in last place for Password Security

Ties with Safari
| Hacking & Security News | Posted: Dec 15, 2008 2:35 pm

Last week Google's Chrome crawled out of Beta Status and into the realm of final software. But is this really a good thing?


Prior to its release Chrome can under scrutiny for caching and saving all browsed pages, sending search data to Google and for having very poor security.


Now we can add a lack of good password security to the list of issues with Chrome. According to a report from Chapin Information Services Chrome tied with Safari for last place in terms of password security.


Read the full report here.


Chrome in last place for Password Security

Among the problems are three in particular that, when combined, allow password thieves to take passwords without the user's knowledge.


1 - The destination where passwords are sent is not checked.
2 - The location where passwords are requested is not checked.
3 - Invisible form elements can trigger password management.


A technique described and demonstrated by CIS two years ago leveraged such vulnerabilities without using client-side scripting. The implication was that an attacker need not have full control over a target server or a victim's computer to obtain a password from their web browser.


Related Tags

Got an opinion on this news? Post a comment below!
Subscribe to our Newsletter

Latest News Posts

View More News Posts

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases