News

Password Fail For Chrome Reports Websites With Bad Password Policies

13 Mar/10

Webmasters who create a community on the web need to define password policies that include password limitations and recovery options. They also need to ensure that the passwords and user data in general is protected on the service’s servers to avoid disastrous hacker attacks where hackers can gather valuable unprotected data from the service.

The Password Fail extension for Google Chrome tries to aid the user in evaluating a web service. It displays icons in the Chrome statusbar if a website is loaded that is using bad password policies, specifically saving passwords as plain text.

One of two icons may appear in the web browser’s statusbar upon connection. A yellow warning sign that indicates that a website sends out passwords in plain text after user registration and a red sign that a website sends them out upon request.

Both are indicators that the passwords are stored in plain text on the web server which basically means that attackers will also be able to get their hands on the unprotected data if they find a way to either request the data or hack the server.

Password Fail relies on user contributions. Users can submit new websites and services that they suspect to store passwords in plain text. This will be verified by the team by registering. Only after that will a website be added to the service’s database.

A sample list of websites with bad password policies is available on the Password Fail website. It lists among others MySpace.com, Brady Games and Stumbleupon as offenders.

Chrome users can download the extension for their web browser directly from the Chrome extension gallery.

Continua a leggere – Original Link: Password Fail For Chrome Reports Websites With Bad Password Policies

Technorati Tags: , , , , , , , , , , , ,

Leggi Anche

Condividi
Condividi in DeliciousCondividi in DiggCondividi in RedditCondividi in StumbleCondividi in MixxCondividi in TecnoratiCondividi in Ok Notizie

Commenti

I commenti sono disabilitati per questo articolo.

I commenti sono chiusi.

Autore

    Spina Rosario
    Inserito da

Archivio

Iscrizione Newsletter

    Tieniti informato con tutte le novità del mondo informatico con la nostra newsletter
    Email:

    Nome:

    Auto Shop Italia
    Web Burning Blog
    Info Privacy

Meta