Hacker’s Delight: Google Chrome’s Security Flaw

Earlier this month, the internet was in an uproar over a security flaw (or feature) that was discovered in Google Chrome. As an avid Chrome user, I was shocked to find out what all the noise was about....saved passwords.

While working in Chrome, Elliot Kember noticed a hidden "feature" while working in Chrome that allowed users to dig and find their saved passwords.

Later reported by The Verge, users' saved information (passwords, credit cards, etc.) could be at risk and accessible to anyone who glanced long enough at the settings.

Just in case you were wondering....Check out the pictures below.

secure chrome passwords

Clarification came in from the Google squad by way of Justin Schuh, Chrome security lead, responded via Y Combinator about this supposed "flaw".

So, Chrome uses whatever encrypted storage the system provides to keep your passwords safe for a locked account. Beyond that, however, we've found that boundaries within the OS user account just aren't reliable, and are mostly just theater.

In my opinion, I've always loved this feature. I tend to forget my passwords weekly so I love that Chrome offers this feature. I can see why is also a dangerous tool.

secure saved passwords

Solutions:

Use Firefox or Safari. Or just log out when sharing your computer with others. I personally have a guest account for when my friends come over to visit. They just LOVE to change my Facebook status.

Use a strong password, meaning something random with numbers and punctuation. (Not your name, phone number or any other personal identifiers!)

Use different passwords for different sites. (Your e-mail, Facebook and Twitter should all have different passwords)

If you have used the same password on different sites, switch it to something more secure. (Don't you just hate when your job makes you change your password every six months? Deal with it. Hackers are getting smarter everyday)

Other options:

1Password- Have you ever had to reset a major password that you just KNEW was the correct one? 1Password solves all those "Forgot Password" queries and stores them all behind a Master Password. You remember your Master Password and 1Password will remember the rest. id="mce_marker"7.99

LastPass- LastPass is another password manager that automatically syncs up with all of your browsers and has a one step login. One of the great features of this program is that it allows you to share passwords, in case you work in a large team environment and want to transmit them securely. Free/Premium 

 

 How well do you secure your passwords? Did you know about this feature in Chrome?

Sound off below!

Comments

In order to comment on BlogHer.com, you'll need to be logged in. You'll be given the option to log in or create an account when you publish your comment. If you do not log in or create an account, your comment will not be displayed.