Tech content trusted by users in North America and around the world
6,418 Reviews & Articles | 42,796 News Posts
TRENDING NOW: NVIDIA acquires Valve, announces Half-Life 3 release for 2016

Chrome in last place for Password Security

Ties with Safari

| Hacking & Security News | Posted: Dec 15, 2008 2:35 pm

Last week Google's Chrome crawled out of Beta Status and into the realm of final software. But is this really a good thing?


Prior to its release Chrome can under scrutiny for caching and saving all browsed pages, sending search data to Google and for having very poor security.


Now we can add a lack of good password security to the list of issues with Chrome. According to a report from Chapin Information Services Chrome tied with Safari for last place in terms of password security.


Read the full report here.


Chrome in last place for Password Security

Among the problems are three in particular that, when combined, allow password thieves to take passwords without the user's knowledge.


1 - The destination where passwords are sent is not checked.
2 - The location where passwords are requested is not checked.
3 - Invisible form elements can trigger password management.


A technique described and demonstrated by CIS two years ago leveraged such vulnerabilities without using client-side scripting. The implication was that an attacker need not have full control over a target server or a victim's computer to obtain a password from their web browser.


Related Tags

Further Reading: Read and find more Hacking & Security news at our Hacking & Security news index page.

Do you get our news RSS feed? Get It!

Got an opinion on this news? Post a comment below!

Latest News Posts

View More News Posts

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases
Subscribe to our Newsletter
Or Scroll Up Or Down