Safari and Chrome: Tied For the Worst Password Manager
Startled Hippo writes "Safari and Chrome are tied for the worst password manager built into a major Web browser, according to a new study on the issue produced by Chapin Information Services. One problem is that some password managers can be tricked into submitting different password credentials to different parts of the same Web site. The bug has been fixed in Firefox, but Chrome and Safari are still vulnerable to this kind of attack."
Incidentally, has anyone actually tried out the "Password Manager Evaluator v2.0" link from the FA with any other browsers? The author(s) claim Opera comes closest to addressing their criteria, which automatically sent the needle of my bullshitometer climbing. I was about to run it with Firefox but stopped at stage 1 where it told me to clear my existing saved passwords, and I didn't want to do that.
Not that I save any of my high-value passwords at all, but I still manage to accumulate others that I would otherwise forget...
Don't usually agree with some of the tags put on articles lately, but this one I do. "Canthackthebrain" and "useyourmemory" pretty much sum up my reaction to this post and the whole password thing in general. Your brain is the best place to store passwords, especially those that are used regularly. I have four or five strong passwords that I use on a regular basis, for different purposes. I used to use a password manager in the browser to keep track of them, but that quickly became a flawed strategy. Remembering four or five password and username combinations is not that difficult if you use them on at least a monthly basis. I have long known the cognitive principles behind memory with a primary being, in essence: Use it or lose it! The best way to remember something is to apply that stored information regularly.
I use phrases with numbers and special characters in them to replace certain letters. These are either phrases from literature, songs or movie lines that I liked. I use four or five of them and rotate between them for a couple years, then up and change them all with a new set and use those for a couple years. I just found myself more comfortable typing in my passwords (once anyway, multiple times in a session gets rough... patch day!) than relying on a single master password that was often longer than the one needed for the particular login.
Use your brain! It's the safest place to keep a password, and it helps keep your memory abilities sharp. Now, where did I put my effing car keys?!?!