I've titled this a problem with Google Chrome, but it is really a problem with how you might be assigning passwords to web sites that require user ids and passwords. If you tend to use any of the several hundred million passwords that are commonly used and sold on the "black net." you've got a problem. You can understand the depth and breadth of the problem by reading this article:
https://techcrunch.com/2016/05/18/117-million-linkedin-emails-and-passwords-from-a-2012-hack-just-got-posted-online/.
Here's the problem with Google and Chrome. There are some "Ifs"
If:
- You use any of the several hundred million passwords being sold on the "black net" for your Google login (ie, log in to Chrome to access all the Google apps and features from Chrome).
- You use Chrome to save passwords to web sites,
Then: All those user ids and passwords that Chrome has saved are available to any person that can hack your google account. It is done by going to http://passwords.google.com/. Log in there and you will see all your passwords.
There are some caveats that will save you from this hack, but, for this blog entry, my advice to you is to
never use Google Chrome to save your web site userids and passwords. You have to turn that feature off and you have to delete all the user ids and passwords that have been saved.
Here is the Google help on this feature:
https://support.google.com/chrome/answer/95606?hl=en
No comments:
Post a Comment