RussyRover > 12/08/2013, 11:20
footcrazy > 12/08/2013, 12:15
(12/08/2013, 11:20)RussyRover Wrote: Just saw a warning earlier about Chrome, so if you are a user, you may want to know... I don't use it myself but it seems rather lax of them!!!
If you're using the Google Chrome browser I'm afraid I've got some bad news. A new security flaw in the browser means that I would advise you stop using it immediately (up to you of course...).
The problem isn't a software bug as such, but a feature that is badly implemented.
You see, if anyone manages to get access to your computer - even for a second - they can see all of the website passwords that you have stored in Chrome.
That's because, when you type in the following link to the address bar of Chrome, it immediately shows all saved passwords without prompting for an encryption key:
chrome://settings/passwords
All the attacker needs to do is click on the password then click Show to view it in plain text.
Chrome also uses your Google account to synchronise these passwords between all your copies of Chrome. So, if you store your passwords on your desktop machine because you think no one is likely to get access to it, the passwords can still be transmitted to your laptop and fall into the wrong hands.
If it is impossible for you to switch to a different browser because some particular website only works in Chrome for example, then you should immediately turn the password saving feature off as follows:
Type chrome://settings/ into the address bar of the browser and press [Enter].
Click on Show Advanced settings.
Untick all of the options under Passwords and forms.
Close the browser window.
FantasticMR > 12/08/2013, 13:08
Outlaw87 > 12/08/2013, 13:13
Arjan21 > 12/08/2013, 18:14
Harddick988 > 20/10/2013, 18:06