Major Web Browsers Fail Password Protection Testing

Dennis Faas's picture

The password management feature in your favorite web browser could be helping identity thieves steal your personal data, according to a survey recently conducted by Chapin Information Services (CIS). Internet Explorer, Firefox, Opera, Safari and Chrome are vulnerable to a total of 20 vulnerabilities that could result in exposing your password-related information.

Three problems are among those that, when combined, allow password thieves to steal your password without your knowledge:

  • The destination where passwords are sent is not checked.
     
  • The location where passwords are requested is not checked.
     
  • Invisible form elements can trigger password management.

Google's new Chrome browser was among the worst offenders. According to the study, Chrome's password manager contains multiple un-patched issues that "form a toxic soup of potential vulnerabilities that can coalesce into broad insecurity." Apple's Safari for Windows browser also failed a majority of the tests. (Source: zdnet.com)

More information on the technical details of the test can be found at Chapin Information Services. (Source: info-svc.com)

You can also test your web browser using the password management demonstration at the CIS website:

http://www.info-svc.com/news/2008/12-12/pm-evaluator/

Visit Bill's Links and More for more great tips, just like this one!

Rate this article: 
No votes yet