It seems to me that this is a fundamental security flaw. I deleted the last couple of characters and tried different numbers and viola, knew what was the right ending number. I could not remember the ending number for a certain login, so I went to a website where the password was stored. This results in a lot of passwords that are the same, but sometimes I forget what the end number needs to be for a particular login. I know this is bad, but with how often I am asked to change passwords, I really could not remember the number of passwords expected of me. I'm one of those people who when asked to change their password just keeps the same password, but changes a number at the end. I have noticed that the browser fills the username and password fields, and the password field indicates the number of characters in the password. If someone found my computer unlocked, they could get past the login screen for some website using the stored details, but if asked for the password again like during checkout, or if they wanted to login to the service from another device, they would be out of luck.Īt least, that's what I used to think when I believed the browser did not store the password itself, but a hash or encryption of the password. I used to believe this was fairly secure. Whenever I enter a login into a new site, Chrome asks me if it should store the login details.
0 kommentar(er)
