Mark Breen
marklbreen at gmail.com
Mon Sep 26 04:44:27 CDT 2011
Hello All, Just thought I would share an experience with you. My brother (the security guy) dropped in on Friday morning. I was working, building a pc at another desk and not using my own machine. He asked if he could check his email. I said work away. Ten seconds later, he started calling out a bunch of my passwords that I use for various services, websites etc. Of course some of them overlap and are the same passwords. Can you guess how he did it? In Chrome you click the wrench, personal stuff and manage saved passwords. in FF you click Tools options, privacy and saved passwords probably IE has it also, but who uses that ! No encryption, no hashing, just passwords in clear text. So if someone gains access to your machine, you better hope you only have saved your low security passwords in your browser. Can you be 100% sure you did not accidentally save one of your important passwords? Can you be sure you will not do so in the future. remember to check all browsers on your machine. It was quite surprising to hear Stephen simply shout out my passwords like that, within 10 seconds of sitting down. Mark