Results 1 to 11 of 11
  1. #1
    Star Lounger
    Join Date
    Feb 2010
    Location
    Washington State, USA
    Posts
    97
    Thanks
    9
    Thanked 0 Times in 0 Posts

    Are Chrome 9 passwords secure?

    How secure are the passwords Chrome 9 saves and enters for the user?

  2. #2
    Plutonium Lounger Medico's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    12,631
    Thanks
    161
    Thanked 936 Times in 856 Posts
    I would never use the pasword manager of the browser. I use both IE 9 RC and Chrome 11 beta and don't trust either with my passwords. I use a 3rd party password manager from Last Pass. I can access my Last Pass account from ANY PC just by installing the browser plugin and entering a master password. This works fantastic.
    BACKUP...BACKUP...BACKUP
    Have a Great Day! Ted


    Sony Vaio Laptop, 2.53 GHz Duo Core Intel CPU, 8 GB RAM, 320 GB HD
    Win 8 Pro (64 Bit), IE 10 (64 Bit)


    Complete PC Specs: By Speccy

  3. #3
    Star Lounger
    Join Date
    Feb 2010
    Location
    Washington State, USA
    Posts
    97
    Thanks
    9
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by tedshemyers View Post
    I would never use the pasword manager of the browser. I use both IE 9 RC and Chrome 11 beta and don't trust either with my passwords.
    Please tell me the reason you don't trust Chrome's password manager.

  4. #4
    Plutonium Lounger Medico's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    12,631
    Thanks
    161
    Thanked 936 Times in 856 Posts
    I do not believe it is as secure, and is not encrypted.
    BACKUP...BACKUP...BACKUP
    Have a Great Day! Ted


    Sony Vaio Laptop, 2.53 GHz Duo Core Intel CPU, 8 GB RAM, 320 GB HD
    Win 8 Pro (64 Bit), IE 10 (64 Bit)


    Complete PC Specs: By Speccy

  5. #5
    Super Moderator jwitalka's Avatar
    Join Date
    Dec 2009
    Location
    Minnesota
    Posts
    6,792
    Thanks
    117
    Thanked 798 Times in 719 Posts
    The lack of encrption is not that big a deal for a home desktop PC. Very important for a laptop or netbook that could be stolen or looked at when out and about.

    Jerry

  6. #6
    New Lounger
    Join Date
    Dec 2009
    Location
    Massachusetts
    Posts
    8
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by jwitalka View Post
    The lack of encrption is not that big a deal for a home desktop PC. Very important for a laptop or netbook that could be stolen or looked at when out and about.

    Jerry
    I disagree. The locally stored passwords should be encrypted, whether the PC is mobile or not- as they can be accessible to malware. Firefox does this, and I'd be surprised if Chrome does not.

  7. #7
    Star Lounger
    Join Date
    Dec 2009
    Posts
    77
    Thanks
    5
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by tedshemyers View Post
    I would never use the pasword manager of the browser. I use both IE 9 RC and Chrome 11 beta and don't trust either with my passwords. I use a 3rd party password manager from Last Pass. I can access my Last Pass account from ANY PC just by installing the browser plugin and entering a master password. This works fantastic.
    Don't mean to divert the topic but I am leery of online password keepers. I realize that supposedly you create a master password that only you have but after all they own and have physical access to the servers on which this info is stored.

    How can you trust that data? I use Roboform, the PC resident version.

    Jim

  8. #8
    New Lounger
    Join Date
    Dec 2009
    Location
    Naples, FL USA
    Posts
    6
    Thanks
    0
    Thanked 2 Times in 2 Posts

    Always Encrypted

    <<I realize that supposedly you create a master password that only you have but after all they own and have physical access to the servers on which this info is stored.>>

    I don't currently use any password management software, so I have no direct experience, but I understand that some packages, LastPass for example, encrypt on your PC and send only encrypted data to their server, so they never have direct access to your passwords.

  9. #9
    New Lounger
    Join Date
    Dec 2009
    Location
    Albany, Oregon, USA
    Posts
    2
    Thanks
    1
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by NSILMike View Post
    I disagree. The locally stored passwords should be encrypted, whether the PC is mobile or not- as they can be accessible to malware. Firefox does this, and I'd be surprised if Chrome does not.
    Firefox requires a master password to view the stored passwords; Chrome 9 does not. Here's Chrome's instructions; when I did it, the passwords were available by clicking on any URI or username.

    Click the wrench icon on the browser toolbar.
    Select Options (Preferences on Mac and Linux; Settings on Chrome OS).
    Click the Personal Stuff tab.
    Click Manage saved passwords to see a list of all the usernames and passwords that have been saved.

  10. #10
    New Lounger
    Join Date
    Jan 2011
    Location
    UK
    Posts
    13
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Yes, the Chrome Password manager has a weakness if you have untrustworthy people with access to your computer. There is no Master password facility in Chrome. Here we are talking of 'local' security.

    But I like the idea of a Browser password manager - and I use it extensively for convenience - for sites like Windows Secrets. I have no one near my computer likely to misuse my accounts. Btw, the Chrome passwords are encrypted.

    For sensitive passwords, banking etc.. I use Roboform - and only activate it in the browser when needed.

  11. #11
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts
    Quote Originally Posted by discs View Post
    Yes, the Chrome Password manager has a weakness if you have untrustworthy people with access to your computer.
    With the rapid spread of botnets, it appears that many people have allowed untrustworthy people into their computers...

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •