- #WHICH IS MORE SECURE SAFARI OR GOOGLE CHROME INSTALL#
- #WHICH IS MORE SECURE SAFARI OR GOOGLE CHROME SOFTWARE#
- #WHICH IS MORE SECURE SAFARI OR GOOGLE CHROME PASSWORD#
- #WHICH IS MORE SECURE SAFARI OR GOOGLE CHROME PLUS#
- #WHICH IS MORE SECURE SAFARI OR GOOGLE CHROME PROFESSIONAL#
The advantage, therefore, of using a separate "sync passphrase" is to make sure that anyone who has your Gmail password (presumably Google could, for example) will not have your sync password. I've seen situations where Chrome had successfully managed to log in and fetch its sync data through external authorization but was not able to decrypt it until I typed in the original Gmail password. Note that the actual password is in fact required access to the Google Account alone isn't sufficient. If you use your Google Account password, then the passwords are decrypted with no further intervention on your part. While I have no special knowledge of the internals of these two options, the implications appear pretty straight-forward. You can either use your Google Account (the default), or you can set a special "sync passphrase". In addition to any unintentional iCloud syncing as mentioned above, Chrome will also sync your passwords between Chrome instances. But bear in mind that Microsoft has a history of chasing Apple, and may decide to do so here as well.
Your passwords are on your computer, and there they stay until further notice.
#WHICH IS MORE SECURE SAFARI OR GOOGLE CHROME PROFESSIONAL#
The Windows Exciting Names And Data Protection API Professional Edition boasts no such features. For example, if you ever sync your passwords on an OSX device, those passwords go into the Keychain (as mentioned) which has been re-branded the iCloud Keychain - the implications of which are exactly what they sound like: now Apple knows your saved passwords too, and will sync them to your iPhone, your iPad and any other Apple devices. If you're on Windows, it's the Windows Data Protection API (Microsoft has a peculiar skill for naming products), if you're on KDE, it's the Wallet, in GNOME it's Gnome Keyring.Įach of these products has its own implications that are worth noting. So for example, if you're on OSX, that's the system's Keychain. When passwords are saved locally on your computer, Google will attempt to use whatever local password vault might exist.
#WHICH IS MORE SECURE SAFARI OR GOOGLE CHROME PLUS#
But there's are different aspects to this depending on the setting, plus a few details that you should keep in mind. NOTE This answer may be outdated due to improvements in Chrome since this answer was written.įirst of all, Chrome does encrypt your passwords and other secret data. I'm asking about intelligent malicious hackers. PS: I don't care about friends, family or novices gaining access to my account. Is that true?Īlso, from a practical perspective, is one or the other more likely to be hacked in real life? Are there certain attack vectors which are more common or more successful that would work one one of these or not the other?
#WHICH IS MORE SECURE SAFARI OR GOOGLE CHROME SOFTWARE#
With those givens, all other things being equal, is LastPass any safer than Chrome? It seems like once malicious software gets on my system, or a bad guy has access, it doesn't matter from a theoretical perspective, I'm 100% compromised. Chrome lets you create a separate password for Google's synced data (read: stored passwords).LastPass has an option to stay signed in on a trusted computer.There are two additional facts that are relevant here: I've been using LastPass under the assumption that it is better and safer than using Chrome's built-in password manager. Because in effect, that's really what they get. When you grant someone access to your OS user account, that they can We've debated it over and over again, but the conclusion we alwaysĬome to is that we don't want to provide users with a false sense of Password or something similar, even if we don't believe it works. We've also been repeatedly asked why we don't just support a master There are just too many vectors for him to get what he wants.
Once the bad guy got access to your account the game was lost, because
#WHICH IS MORE SECURE SAFARI OR GOOGLE CHROME INSTALL#
Or install OS user account level monitoring software. Install malicious extension to intercept all your browsing activity, Said bad guy can dump all your session cookies, grab your history, Within the OS user account just aren't reliable, and are mostly justĬonsider the case of someone malicious getting access to your account. Beyond that, however, we've found that boundaries So, Chrome uses whateverĮncrypted storage the system provides to keep your passwords safe forĪ locked account. Your password storage is the OS user account. I'm the Chrome browser security tech lead, so it might help if IĮxplain our reasoning here. Justin Schuh defended Google's reasoning in the wake of this post detailing the " discovery" (sic) that passwords saved in the Chrome password manager can be viewed in plaintext.
0 kommentar(er)
