Saturday, July 27, 2019

Password Management Protocol vulnerabilities Essay

Password Management Protocol vulnerabilities - Essay Example Many users use autocompleting in their browser and this main threat for the password security and we will show It on the example of one non-malicious software called â€Å"WebBrowserpassview†. We will analyze the password storage protocol used in the browser like Google Chrome, Opera, Firefox Mozilla, Seamonkey. These browsers store their passwords almost equally and their passwords can be revealed to the hacker with the help of the tool we mentioned above. Because mechanism of the encrypting passwords is very weak and even the simplest applications can retrieve them from their register, moreover, this application has good interface and getting passwords can present problem for the hacker, because it needs physical contact with the target computer, however, there are thousands modifications of this software which have hidden interface and after the running can send all passwords on the email or FTP-server of the hacker. Therefore saving of the passwords in the browser is quite doubtful method of password storage (10 Most Popular Password Cracking Tools 2014). Here we can see good interface for the passwords viewing and various operations with them. This application allow user to save them to the file. This file can be copied to other emails and then used in malicious activities like the accessing some bank-accounts without the two-step authorization that requires special key that system sends to the cell-phone of the user or to the email. There are many ways to protect computer from such attacks. The first way – avoiding downloading some software, regardless from the content and specifications written on the site, if the site is not or other associated site to the OS user use. Creators of the password storage systems can use special encrypting protocols which will help to defend passwords from retrieving with some application. Moreover, developers can use key file that will give access to the passwords, we mean any file in the system that will be

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.