Chrome and Safari Tied for Worst Password Manager


In a study released by Chapin Information Services (CIS), Google's Chrome and Apple's Safari Web browser were tied for the worst password manager after CIS tested the two browsers and several others and reported the vulnerabilities. Three vulnerabilities were of concern during testing:


The destination where passwords are sent is not checked.


The location where passwords are requested is not checked.


Invisible form elements can trigger password management.


Five browsers were tested by CIS: Opera 9.62, Firefox 3.0.4, IE 7.0, Safari 3.2 and Chrome 1.0. The browsers were put through a battery of 21 tests. Opera did the best and had fewer vulnerabilities than the other browsers.


Firefox has recently completed a lot to improve its password manager, but Robert Chapin said in an interview with PCWorld, "Should everyone put 100 percent implicit trust in every password manager? Not at all."


If you are looking to change browsers, the Chapin study leaves us in a bit of a quandary. The easy answer is to use the lesser of evils, the Opera browser. I think the smarter thing to do is to evaluate each browser in a broader scope and choose the one that fits your requirements.


Chapin has posted an online test where users can check the security of their own password manager.