Monday, January 12, 2009

Security and Browser passwords

I was reading some stuff recently on the topic of securing Cloud Computing environments and came across this sobering article from CloudAve which should make you think.

From the article:

Unless you are paranoid in your computing world, like Dick Cheney wants you to be in the real world, you will save your passwords in your browser's password manager. In fact, many users don't even think about the impact of storing the passwords in the browser. If we are going to keep all our data in the clouds, including sensitive emails, banking information, etc., it is very important for us to rethink the way we store passwords.

As a cloud user, storing the passwords in the browser is akin to locking the door and keeping the key in the lock itself. If you think that is insane, it appears that the locks are not even locking the doors after you lock it with your keys. A recent study released by Chapin Information Services reports that all the browsers are doing a bad job in protecting the stored passwords. In particular, Google Chrome comes out to be the worst in the league.

I was, and I wasn't, surprised that Google were bottom of the pile. They are leading the charge for the world to move everything online so they should be concerned about passwords and security. Very surprising. Yet, I'm not surprised that Google Chrome is poor in this area since I haven't been very impressed with Chrome since it was released. I'm still using Firefox and haven't seen anything to make me want to change yet.