Among ZDNet's blogs for 12/15/08 was this posting: "Major Web browsers fail
password protection tests" (http://blogs.zdnet.com/security/?p=2305). The test
in question was performed by Chapin Information Services, and the full details
can be found here: http://www.info-svc.com/news/2008/12-12/
The tests were performed on Firefox 3.0.4, Opera 9.62, IE 7.0, Safari 3.2, and
Google Chrome 1.0. Both FF and Opera faired the best with an overall score of
7, but they still each failed 13 of the 20 tests. I'm wondering where SM stands
in this testing, given the current version of Gecko and the associated password
vault/wallet. I've not worked with FF 3's version of password manager, but I
would assume it has an encryption function similar to SM's master password, etc.
Execution of this function, however, likely differs between the two apps.
It seems easy, IMO, to dismiss this issue out of hand as user laziness, but when
one is operating with literally dozens of different passwords, having them
consolidated in a vault-type location does save time and effort. I'm wondering
if having the master password set for "Every time it is needed" affects how SM
responds vis a vis the CIS test battery.
Feedback and comments, especially of SM developers, solicited and appreciated.
Purrs --
--
/\ /\ | "I love cats because I enjoy my home;
^o o^ D.K. "Cat" Kraft | and little by little, they become
->T<- [email protected] | its visible soul."
~ Lynnwood, WA |
___oOO___OOo___ | -- Jean Cocteau
_______________________________________________
support-seamonkey mailing list
[email protected]
https://lists.mozilla.org/listinfo/support-seamonkey
