Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Why storing passwords in Chrome is a bad idea

Tony Bradley | Aug. 12, 2013
Google’s Web browser offers no protection to secure and protect your saved passwords.

In fairness to Chrome (and other browsers), this is not a remote vulnerability. In order to access and view the stored passwords, someone has to have physical access to your PC or device with the Chrome browser. One possible solution is to simply make sure your PC or mobile device is locked when not in use, and that you don't let other people borrow it, or at least log them in under a separate "guest" account so they don't have access to your personal browser settings.

But passwords aren't going away any time soon, and you have to manage the seemingly endless list of complex passwords somehow. A password management tool is an effective solution, and a better idea than using the password-storing feature in a Web browser. From a business security and compliance perspective, users should be governed by policies that prohibit storing passwords in this manner.

Kember ended with a challenge: "Today, go up to somebody non-technical. Ask to borrow their computer. Visit chrome://settings/passwords and click "show" on a few of the rows. See what they have to say."

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.