The Investor Sentiment - Equity and investments forum for Sri Lankans
Search
 
 

Display results as :
 


Rechercher Advanced Search

Latest topics
» Should CSE be like this? Whose FAULT is it?
Today at 2:33 pm by Ethical Trader

» Debenture issues
Sat Jul 14, 2018 10:34 pm by Danidu

» Quick Checklist for Selecting a Stock
Sat Jul 14, 2018 11:42 am by slstock

» Dividend Announcement
Fri Jul 13, 2018 10:06 am by Rana

» Hello and CSE ?
Fri Jul 13, 2018 10:05 am by slstock

» Films - To Watch List
Fri Jul 13, 2018 8:15 am by yellow knife

» කොටස් වෙළෙඳපොළේ ආයෝජනයේ දී දේශපාලන සබඳතා අනාවරණය අනිවාර්යයි
Thu Jul 12, 2018 9:02 pm by spw19721

» ගුහාවේ සිරවී සිටින දරුවන් පිටතට ගෙන්න මාස 04 ක් ගතවෙන ලකුණු
Wed Jul 11, 2018 7:43 am by serene

» කොළඹ කොටස් තවමත් අවුරුදු 8 කට කලින් තිබුණු තැනමයි
Wed Jul 11, 2018 7:37 am by serene

» 2018 ජූනි මාසයේ ඩොලර් මිලියන 434.53 කින් දී සංචිත වැඩි වුණේ මෙහෙමයි
Tue Jul 10, 2018 4:00 pm by Ethical Trader

» නිවාඩුවට රට යනවාටත් බද්දක්. සියලු වාහන හිමියන් බදු ගෙවිය යුතුයි – දේශීය ආදායම් කොමසාරිස්
Mon Jul 09, 2018 5:49 pm by Ethical Trader

» අනං මනං! #/+?.<>
Mon Jul 09, 2018 2:14 pm by yellow knife

» අටවන වරටත් ශ‍්‍රී ලංකාවේ හොඳම බැංකුව ලෙස ෆයිනෑන්ස් ඒෂියා කොමර්ෂල් බැංකුව තෝරාගනී July, 7, 2018
Mon Jul 09, 2018 11:53 am by nihal123

» ETI මිල දී ගන්නේ සිංගප්පූරු – ශ්‍රී ලංකා හවුල් සමාගමක්
Mon Jul 09, 2018 7:57 am by serene

» සුළු හා මධ්‍ය පරිමාණ ව්‍යවසායකයින් වෙනුවෙන් කොළඹ කොටස් වෙළෙඳපොළේ EMPOWER පුවරුව දියත් කෙරේ
Fri Jul 06, 2018 9:26 pm by Ethical Trader

» Sri raises fuel prices, future revisions weekly
Fri Jul 06, 2018 6:35 pm by Ethical Trader

» Sri Lanka holds rates, amid external jitters
Fri Jul 06, 2018 10:35 am by Ethical Trader

» Sri Lanka rupee weakens, stocks gain 1.22-pct
Fri Jul 06, 2018 10:34 am by Ethical Trader

» Sri Lanka's SMEs get chance to raise equity on liberalized board
Fri Jul 06, 2018 8:07 am by The Invisible

» Yahoo බිඳ වැටෙයි
Thu Jul 05, 2018 6:42 pm by Ethical Trader

» මුල් මාස 06 දී ලක්ෂ 11 ½ ක සංචාරකයින් ඇවිත්
Thu Jul 05, 2018 6:41 pm by Ethical Trader

» ධම්මික ශ්‍රී ලංකාවේ මුල් වරට Artificial Intelligence යොදා ගත් අධ්‍යක්ෂ මණ්ඩල රැස්වීමක් කැඳවයි
Thu Jul 05, 2018 8:01 am by serene

» තව වසර 3 කින් කොළඹ ඒක පුද්ගල ආදායම ඩොලර් 12,650 යි
Wed Jul 04, 2018 5:39 pm by Ethical Trader

» රාජපක්ෂ ආධාරකරුවන් ශ්‍රී ලංකාවේ මාධ්‍යවේදීන් බියවැද්දීම වැරදියි - New York Times
Tue Jul 03, 2018 5:32 pm by Ethical Trader

» කොමර්ෂල් බැංකුවට නව කළමනාකාර අධ්‍යක්ෂවරයෙකු සහ ප‍්‍රධාන මෙහෙයුම් නිලධාරියෙකු පත්කෙරේ
Tue Jul 03, 2018 5:27 pm by Ethical Trader

» Sri Lanka's ETI Finance able to settle small depositors if liquidated
Mon Jul 02, 2018 5:30 pm by Ethical Trader

» Cartoon of the day...
Sun Jul 01, 2018 9:10 pm by pee ratio

» උදයංග වීරතුංගට "ස්වේච්ඡාවෙන් ගමන් යන්න බැහැ"
Fri Jun 29, 2018 5:19 pm by Ethical Trader

» Sri Lanka s state hotel sales to go ahead next month: Finance Minister
Fri Jun 29, 2018 5:14 pm by Ethical Trader

» මාස 02 කදී කොටස් වෙළෙඳපොළ සියයට 4 කින් කඩා වැටිලා
Thu Jun 28, 2018 5:59 pm by Ethical Trader

» කොටස් වෙළෙඳපොළේ ආයෝජන ඉවත් කර ගැනීමට ජාතික ඉතිරිකිරීමේ බැංකුව යෝජනා කැඳවයි
Thu Jun 28, 2018 11:14 am by Ethical Trader

» සුරන්ගනීට මාලු ගෙනාවා - FIFA - Russia - 2018
Mon Jun 25, 2018 11:29 am by Ethical Trader

» Enterprise Sri Lanka to give extra credit support for women, disabled soldiers
Sun Jun 24, 2018 8:42 pm by sashimaal

» HUNA.N0000
Sat Jun 23, 2018 11:42 am by pjrngroup

» 2018 මැයි මස උද්ධමනය සියයට 2.1 ක් දක්වා ඉහළට
Sat Jun 23, 2018 8:31 am by Ethical Trader

» Laughter the Best Medicine
Fri Jun 22, 2018 8:11 pm by nihal123

» Sri Lanka is recovering, Central Bank threat looms: Bellwether
Fri Jun 22, 2018 10:20 am by The Invisible

» Sri Lanka's new forex law gets IMF thumps up
Fri Jun 22, 2018 10:16 am by The Invisible

» EU slaps tariffs on US as trade war erupts
Fri Jun 22, 2018 10:14 am by The Invisible

» Top monk asks Sri Lanka’s ex-defence chief to return as ‘Hitler’
Fri Jun 22, 2018 10:12 am by The Invisible

» May inflation at 2.1%
Fri Jun 22, 2018 2:06 am by sashimaal

»  මෙරට විශාලම ආයෝජනය වන හම්බන්තොට වරායේ අවසන් ආයෝජන මුදල වරාය අතට බාර දෙයි
Thu Jun 21, 2018 4:59 pm by Ethical Trader

» CCS.N0000 ( Ceylon Cold Stores)
Thu Jun 21, 2018 4:56 pm by Ethical Trader

» HHL.N0000 ( Hemas Holdings PLC)
Thu Jun 21, 2018 4:48 pm by Ethical Trader

» රුපියල තවදුරටත් පාවීමට ඉඩහැරිය යුතුයි - ජාත්‍යන්තර මූල්‍ය අරමුදල
Thu Jun 21, 2018 7:46 am by serene

» රජයේ සුරැකුම්වලින් රුපියල් බිලියන 2.7 ක විදෙස් ආයෝජන සතියක් තුළ දී ඉවතට
Wed Jun 20, 2018 9:11 am by serene

» ඩොලර් බිලියන 10 යි – මහ බැංකුව ඉතිහාසයේ වැඩිම විදේශ විනිමය සංචිතය ගොඩනගයි
Wed Jun 20, 2018 7:23 am by කිත්සිරි ද සිල්වා

» කිම් - ට්‍රම්ප් හමුව: දෙරටේ නායකයෝ සාකච්ඡා අරඹති
Sun Jun 17, 2018 10:55 am by Ethical Trader

» DOCK.N0000 (COLOMBO DOCKYARD PLC)
Sat Jun 16, 2018 8:20 am by spw19721

» TPL.N0000 (TALAWAKALE PLANTATIONS )
Thu Jun 14, 2018 7:17 am by lanka

July 2018
SunMonTueWedThuFriSat
1234567
891011121314
15161718192021
22232425262728
293031    

Calendar Calendar

Disclaimer


Information posted in this forum are entirely of the respective members' personal views. The views posted on this open online forum of contributors do not constitute a recommendation buy or sell. The site nor the connected parties will be responsible for the posts posted on the forum and will take best possible action to remove any unlawful or inappropriate posts.
All rights to articles of value authored by members posted on the forum belong to the respective authors. Re-using without the consent of the authors is prohibited. Due credit with links to original source should be given when quoting content from the forum.
This is an educational portal and not one that gives recommendations. Please obtain investment advises from a Registered Investment Advisor through a stock broker

Can You Trust Your Browser With Your Passwords?

Go down

Can You Trust Your Browser With Your Passwords?

Post by Rana on Sun Mar 13, 2016 12:20 pm

Source:www.pcworld.com/



Having your Web browser remember your passwords and/or credit card details can be convenient, but it poses some security risks. How much of a risk depends on which browser you’re using, whether you sync with other devices, and whether you’re using any of the browser's extra security features. Here are the main vulnerabilities in some of the most popular browsers—Internet Explorer, Google Chrome, and Mozilla Firefox—and ways you can protect against those weak spots.
Common Security Risks
The biggest problem with having your browser save your passwords involves prying eyes. Not only can other users who have access to your computer log in to your accounts and see your actual passwords or credit card details, but so can a thief if your computer, smartphone, or tablet gets lost or stolen. And the same risk applies if you haven’t properly erased your data from your PC when you get rid of it; whoever ends up with it next might be able to recover your information. Also, some viruses and malware can steal your saved passwords or credit card details.

As you’ve may have noticed, banking sites—and many others that deal with highly sensitive information—don’t let your browser save your password. However, if you use the same or a similar password on sensitive sites that you do on less-secure sites, someone else may be able to easily guess your banking password, for example.

Some browsers let you (or, potentially, thieves) view a list of your saved login credentials, including the site, username, and password. And for those that don’t, utilities like WebBrowserPassView can easily let you compile a list of them. This is handy if you forget a password or you want to evaluate all your passwords, but it's problematic if an intruder uses such software on your computer. Another way you (or thieves) can recover saved passwords is by using a utility like BulletsPassView to reveal the password behind a masked password field on a webpage or window.

In the next sections, we’ll take a look at three popular browsers—Internet Explorer 9, Chrome, and Firefox— to evaluate their credential-saving features, and discuss some tips for better securing them.

Internet Explorer 9
Internet Explorer 9 offers the most basic password-saving functionality of the three browsers we’re covering. Its AutoComplete feature can also remember your name, address, and other data you type into Web forms or search fields. It doesn’t provide a way for you to view saved passwords from within the browser settings: It only allows you to change the main settings and delete all AutoComplete history.



Not being able to view a list of the passwords can help prevent casual snooping. And even though you can still log in to sites the browser saved the password for, you can’t by default view the password itself. As mentioned before, however, a determined hacker can use a utility to see a list of all your saved passwords or to reveal the actual characters behind the password field on a login page.

Unfortunately, Internet Explorer 9 doesn’t offer a native synchronization feature to keep your settings and saved data synced across multiple computers or devices, but, from a security standpoint, at least that’s one less security risk you have to worry about.

Internet Explorer 10 in Windows 8 will provide new password saving and syncing features, but it’s not yet clear if they will be available when you use Windows 7. When I tested the Release Previews of Internet Explorer 10 and Windows 8, I found that you can view and manage saved browser passwords using the improved Credential Manager in the Control Panel. And for security, before you can view the actual saved passwords you must reenter your Windows account password, which can help prevent casual snooping by others.



Windows 8 will also offer a new synchronization feature that lets you sync passwords for apps, websites, and networks—in addition to Windows settings and preferences—across your other Windows 8 computers and tablets. For security reasons, before you sync your passwords with a new computer or tablet, you must log in to a Microsoft site and approve the new device. And if you’ve specified a mobile number on your Microsoft account beforehand, you'll get a confirmation code texted to your mobile phone that you must enter on the Microsoft site before the trust is granted and passwords are synced.

Google Chrome 21
Google Chrome provides a more feature-rich password-saving feature than Internet Explorer does, as well as an autofill feature that can also keep track of your credit card details. But while these can be great time-saving features, they also pose more security risks.

Chrome lets you—or a thief for that matter—browse through the list of saved usernames and passwords (alphabetized by site name) or enter the site name into the search field to filter the list.



For privacy, Chrome masks each saved password with asterisks, but you can click the entry and press the Show button to reveal the actual password. You can also change the password, but unfortunately Chrome doesn’t sense password changes, so it won't prompt you when you log in to a site with a new password. You must go to the saved password entry and update it manually.

You can view a list of all saved addresses and credit card details, including the name on card, the account number, and the expiration date. Chrome partially masks your credit card numbers with asterisks, but you can click the entry and then click Edit to reveal the full number. The only card detail not saved is the card's security code, which is often—but not always—required to make purchases.
http://images.pcworld.com/images/article/2012/08/chrome_autofill-11400290.png
Unfortunately, Chrome doesn’t offer a master password feature like Firefox does in order to protect all your passwords and credit card details. Thus, anyone who’s logged on to your Windows account can view all the saved passwords and credit card details.

Chrome offers a syncing feature to keep most of your settings and saved data (including passwords, but not credit card details) synced across multiple computers and devices, but this creates another security vulnerability. By default, Chrome only requires you to enter your Google account password to set up a new computer or device to sync your browsing data. This is a great convenience; but if your Google account password is hacked, the intruder can potentially access a list of all your passwords unless you set a syncing passphrase, as we’ll discuss.
To keep your saved passwords secured during syncing, Chrome encrypts them when they travel from your computers or devices to Google's servers (and vice-versa). You can also set the browser to encrypt all other synced data.
By default, Chrome uses your Google account password to encrypt and decrypt the synced data, but you can enter another passphrase if you want to add an extra layer of protection to your synced data. When you set up Chrome to sync on a new computer or device, you'll need to sign in with your Google account password and then also enter your encryption passphrase.

Firefox 14

Firefox offers advanced password-saving features that are even better than Chrome's. But while Firefox doesn’t natively support saving credit card details, at least that's one less security issue you need to worry about. As with Chrome, you can browse, search, and remove saved passwords via the Firefox settings.
   Though you can’t change the passwords in the settings, Firefox automatically senses password changes you've made elsewhere and asks if you want to update your password when you log on to a site with a password that’s different than what’s saved on your PC.

Unlike Chrome, Firefox lets you set a master password to encrypt and password-protect the saved password list.
You must enter the master password the first time you use a saved password, once per browser session. Additionally, even though you enter the master password the first time, you must always enter it before you can view saved passwords via the list in the Firefox settings. This is a great feature to help prevent casual snooping of your passwords, and it even prevents most third-party utilities from recovering them.

Firefox can also sync your passwords, settings, and other saved data among multiple computers and devices.

This is similar to what Chrome provides, but by default Firefox encrypts all synced data instead of just your saved passwords. Additionally, there’s more security when you add a new computer or device to your Firefox Sync account. You can either enter a passcode from the new device into one that you've already set up, or take the recovery key from a device you've already set up and input it into the new device after logging in to your Firefox Sync account.

Summary
Internet Explorer 9 helps prevent casual snooping—there’s no list of saved passwords in the settings—but it doesn’t provide any advanced security features to prevent someone on your Windows account from using third-party utilities to recover your passwords.

Google Chrome 21 allows anyone on your Windows account to view your list of saved passwords and credit card details, so be careful who you let on. And if you sync your browsing data across multiple computers and devices, consider turning on encryption of all data and setting a custom passphrase for double-protection.

Firefox 14 also by default allows anyone on your Windows account to view your list of saved passwords, but you can create a master password to encrypt and protect them. And if you use the browser syncing feature, Firefox offers great security.

Of the three browsers we reviewed, I’d choose Firefox for the best password security thanks to its master-password feature, but I’m also eager to see the final version of Internet Explorer 10 for both Windows 7 and 8.

I’ll leave you with some additional tips to help you boost the security of your passwords:

Never save passwords or sync browser data on other people’s computers.
Try to use different passwords for each site—at least for banking and other sensitive accounts.
Password-protect your Windows account.
Create separate Windows accounts for each user, or at least for those you don’t fully trust.
For extended family or friends, utilize the Guest Windows account.
Use a good antivirus program and keep it updated.
Think about fully encrypting laptops, netbooks, and mobile devices.
Look into third-party password-management services like LastPass or KeePass.


Last edited by Rana on Sun Mar 13, 2016 2:25 pm; edited 1 time in total

Rana
Top contributor
Top contributor

Posts : 1383
Join date : 2015-12-16

Back to top Go down

Re: Can You Trust Your Browser With Your Passwords?

Post by කිත්සිරි ද සිල්වා on Sun Mar 13, 2016 1:17 pm

Thanks Rana.
Extremely useful one.
avatar
කිත්සිරි ද සිල්වා
Top contributor
Top contributor

Posts : 7277
Join date : 2014-02-23
Age : 60
Location : රජ්ගම

Back to top Go down

Re: Can You Trust Your Browser With Your Passwords?

Post by Rana on Sun Mar 13, 2016 2:29 pm

There is nothing impossible in internet. If hackers can hack american defense servers. what about our banks and email accounts. pale pale pale affraid affraid

Rana
Top contributor
Top contributor

Posts : 1383
Join date : 2015-12-16

Back to top Go down

Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum