Where Google Chrome security fails: the password

Google promises that Chrome will be a much more secure than Windows. Well, yes, but it also has one big problem as well.

By  

That's one heck of a single point of failure.

With business password-protected systems, you need to be on a specific computer or on a particular network to access important data. With Chrome, you, or a cracker, can be anywhere on the Internet and get to all of your data.

Google knows this is a problem. They plan on addressing it. Google is looking into biometrics, such as a fingerprint reader; smart cards; or Bluetooth. But, as Google points out in their Chrome OS security documents, all of these have their own share of problems. So, while Google will be keeping an eye on these security technologies, it looks like the first-generation of Chrome devices are going to be relying on the very unreliable login-password model.

Eventually, I think Google will have to add one of these technologies to Chrome to make it more secure. I don't see that they'll have any choice in the matter. Login/password is just too darn easy a way to get into a Chrome user's information.

For what it's worth, I suggest that Google look into building smartcardtechnology into a USB stick. All devices now come with USB ports so there's no added cost and this will make Chrome OS orders of magnitude harder for a cracker to get into someone's account. Yes, that does mean that users would need to keep track of their Chrome USB stick, but I think the improved security far outweighs the inconvenience of carrying a USB stick.

What do you think?

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question
randomness