Washington: A security bug has been discovered in Google Chrome browser that allows the software to automatically display users' saved passwords while importing bookmarks from other browser.
According to ABC News, the web designer, Elliott Kember discovered the flaw while importing his bookmarks from Safari browser to Chrome and found that while there is a check mark to disable the password import it can't be unchecked on an Apple Mac device.
Google said that it would release the patch soon to users to better represent how passwords are handled across all platforms including syncing of passwords from Safari to Mac version of Chrome.
However, there is another bug in the browser found by Kember which states that if one imports those passwords to Chrome all the saved passwords are completely unprotected. By typing in chrome://settings/passwords in Chrome address bar one can see the saved passwords and usernames for the websites visited.
Siciliano further recommended users to go for two-factor authentication for e-mail and other important accounts, which requires users to confirm their identity with two pieces of log-in information and to make all passwords strong with a mix of upper- and lowercase letters and numbers, the report added.
No comments:
Post a Comment