Slashdot Mirror

← Back to Stories (view on slashdot.org)

Safari and Chrome: Tied For the Worst Password Manager

Posted by CmdrTaco on from the remember-this dept.

Startled Hippo writes "Safari and Chrome are tied for the worst password manager built into a major Web browser, according to a new study on the issue produced by Chapin Information Services. One problem is that some password managers can be tricked into submitting different password credentials to different parts of the same Web site. The bug has been fixed in Firefox, but Chrome and Safari are still vulnerable to this kind of attack."

17 of 218 comments (clear)

  1. users can be tricked too... by Anonymous Coward · · Score: 5, Funny

    http://www.bash.org/?244321

  2. Aha! by fbish · · Score: 5, Funny

    Luckikly, all my passwords are exactly the same, so I'm fine.

    1. Re:Aha! by fbish · · Score: 5, Funny

      Luckily, I also cannot spell.

    2. Re:Aha! by Yvan256 · · Score: 4, Funny

      "exactly the same" is a bit strange for a password, isn't it?

    3. Re:Aha! by genner · · Score: 4, Funny

      "exactly the same" is a bit strange for a password, isn't it?

      No it's perfect. If you get torchered you'll be screaming that all your passwords are extactly the same and your captors will be clueless as to why they can't break you.

    4. Re:Aha! by deroby · · Score: 3, Funny

      Some years ago we used to have a stand-alone machine for testing using a local account. As most members of the team needed to be able to log on to it now and then I came up with "just leave it empty" as a password. Whenever someone forgot and had to ask for it, we simply would yell across the floor : that password ? Just leave it empty ! Those who 'knew' remembered then and were able to log in. Others who had overheard it and wanted to use our mega-powerful-machine tried logging in using a blank password, but were stumped to find out they couldn't..
      Aaahh, all the fun one can have in the office =)

      --
      If there is one thing to be learned on slashdot, it has to be sarcasm.
    5. Re:Aha! by S.O.B. · · Score: 3, Funny

      I think my old, ex-password is rather strange: "physicsastronomylover" - dates all the way back to my first BBS in 1987. My two favorite subjects in school.

      I thought it was because you make love with a lever and a planetary body (insert joke here).

      --
      Some of what I say is fact, some is conjecture, the rest I'm just blowing out my ass...you guess.
    6. Re:Aha! by Tony+Hoyle · · Score: 2, Funny

      Confess! Or I'll shine this Maglite in your face again!

  3. I Use A Mac... by Telephone+Sanitizer · · Score: 5, Funny

    ...So I'm safe, right? ;-)

    1. Re:I Use A Mac... by MobileTatsu-NJG · · Score: 2, Funny

      Isn't it time Firefox supported the Mac Keychain? :-/

      It'll happen pretty quickly once Opera supports it! :D

      --

      "I like to lick butts!" by MobileTatsu-NJG (#32700246) (Score:5, Informative)

  4. Comment removed by account_deleted · · Score: 5, Funny

    Comment removed based on user account deletion

  5. I should get out more often... by jonaskoelker · · Score: 5, Funny

    http://www.bash.org/?244321

    I don't need to go there. I know the answer is "hunter2" (if you're the guy, I just copy-pasted the ***s from bash.org, that's why it shows up as hunter2 on your screen).

    Is that a sign I should get out more often? ;)

  6. Comment removed by account_deleted · · Score: 4, Funny

    Comment removed based on user account deletion

  7. Re:Is this really worth noting? by tomknight · · Score: 4, Funny

    I can see why you post anonymously!

    --
    Oh arse
  8. Re:Never use password managers by poopdeville · · Score: 5, Funny

    I often leave notes for desk-Nazi's like you: "e@t_a_d1ck" or "Stop looking under my keyboard, asshole"

    --
    After all, I am strangely colored.
  9. Perfectly secure by daybot · · Score: 2, Funny

    I find Safari's password manager perfectly sec^H^HONLINE MEDS, CHEAP V1AGRA, NO PRESCRIPT1ON REQUIRED

  10. Re:Is this really worth noting? by asdfghjklqwertyuiop · · Score: 3, Funny

    trust no one with your passwords.

    Really? Not even the people who wrote your web browser?