Google Chrome’s Password Security is Absolutely Zero

Posted on 08/31/13
By |
Photo by Dev.Arka, Creative Commons License
Photo by Dev.Arka, Creative Commons License

By Jehangir Khattak

Google’s Chrome may be one of the most popular browser in the world, but it may have another distinction too — It is one of the most vulnerable in terms of password security as well. Google acknowledges the huge security flaw but has no plans to rectify it, reports Charles Arthur in the British daily The Guardian.
The flaw, says Charles Arthur, offers unrestricted password access to anyone with access to user’s computer because plain text logon details for email, social networks and company systems are stored in the browser’s Settings panel.

Besides personal accounts, sensitive company login details would be compromised if someone who used Chrome left their computer unattended with the screen active.Seeing the passwords is achieved simply by clicking on the Settings icon, choosing “Show advanced settings…” and then “Manage saved passwords” in the “Passwords and forms” section. A list of obscured passwords is then revealed for sites – but clicking beside them reveals the plain text of the password, which could be copied, or sent via a screenshot to an outside site.But the head of Google’s Chrome developer team, Justin Schuh, said he was aware of the weakness and that there were no plans to change the system.

Chrome is one of the three most widely used web browsers in the world. Web designer Elliot Kember discovered the flaw while exploring the privacy settings of the Chrome.
According to Eric Lubbers, the Mobile Editor of The Denver Post, despite Chrome’s absolutely zero password security, there are still ways to secure the password information. In his blog, Eric identifies four precautions for personal information security on the Chrome. These include:
  • Make sure your computer is password locked at all times
  • Don’t let anyone use your computer. Ever.
  • Use an encrypted password manager like LastPass or 1Password
  • Turn off Chrome’s password manager
Online privacy and digital security has turned out to be the most hotly debated subject following disclosures by whistleblower Edward Snowden about National Security Agency’s massive “prism” surveillance program. It is this growing concern and public debate that lead to the announcement of a major reform of the program by President Barack Obama on August 9.
Some critics are calling the reforms as insufficient, yet many more are calling it as a step in the right direction. There is a near consensus on the importance of the program for the American national security in the Congress.
The online security debate has also brought business bonanza for some little known search engines such as DuckDuckGo. The main reason for the overnight popularity of this 20-person Philadelphia-based business offers what none of the big search engines do: zero tracking.
Charles Arthur in another recent article in The Guardian noted: “If the NSA demanded data from DuckDuckGo, there would be none to hand over.’
Click here to read the full article.

Check Also

Queen Elizabeth II: A Modernizer Who Steered the British Monarchy into the 21st Century

Her wisdom and unceasing sense of duty meant she was widely viewed with a combination of respect, esteem, awe and affection, which transcended nations, classes and generations. She was immensely proud of Britain and its people, yet in the end she belonged to the world, and the world will mourn her passing.

As Colorado River Dries, the U.S. Teeters on the Brink of Larger Water Crisis

The levels in the nation’s largest freshwater reservoir, Lake Mead, behind the Hoover Dam and a fulcrum of the Colorado River basin, have dropped to around 25% of capacity. The Bureau of Reclamation, which governs lakes Mead and Powell and water distribution for the southern end of the river, has issued an ultimatum: The seven states that draw from the Colorado must find ways to cut their consumption — by as much as 40% — or the federal government will do it for them.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.