Those who are using Firefox 2 or IE7 might be at a risk of loosing their login credentials to various sites, if they're using the in-built Password Manager of either browsers. Apparently, Firefox 2 users are more at risk.

The basic concept is, phishers can utilise spoofed URLs belonging to the same domain for which you'd saved login information to capture your login credentials when you try to login again. Apparently, none of the browsers check for the validity of the URLs prior to filling up the forms on the page - thus disclosing your credentials to spoofed pages (and consequently to the phishers) as long as the URLs are under the same recognised domain.

Read more about this bug (??) ....



As for me I never trusted the browser based password managers and have always been using this tool called AI Roboform over the past 2 years. Never gave me a chance to complain

Opera do not have any such problems it work flawlessly and efficiently.Both Internet Explorer 7 and Firefox 2.0 become vulnerable within weeks of their public release.As things get popular new security loop holes will be discovered, it is same for windows too.

LOL!!!

Yet another bug in Firefox hahahah when are people going to stop jumping on the Firefox bandwagon?

Get a decent browser FFS!!!



www.opera.com

Opera's not invisible either. I never use the password manager, I hate this technology btw.

xboxrulz

I always use the Opera password manager, for me personally it is very useful. I am the only one who am using my computer and every time I visit a site I just push ctrl+enter and thats all, I get logged in into any of the sites I saved the password and it is so easy, you log in the for the first time and the browser ask you to remember or not now and you can choose for the entire domain or only for that page.. Moreover, if the site has two account, say usually like google, gmail, adsense, I just need to choose which username to use. For me it is one of the most useful tools in the browser. And I usually logout/signout from any site.

I just don't like, for example, when I reinstall windows and the password manager again is empty, even though it was a long time ago.. I don't like to do all over again to save the session. But one bad thing about password managers is that it really is much easier to forget the username+password you're using. I have about 4-5 main passwords usually with the same username, but sometimes I just forget where which one I use, due to the password manager usage, that is why I am using the great program KeePass, to save all my passwords and of course if I ever have a computer failure, I have them somewhere on my notes

The bad things about having passwords on a note, you leave the paper on your desk or something like that and invite some friend to your house for a beer or something and usually they can see it if they will want to, that is why it is better to keep them in a save place.

Thanks for the tip! i have never trusted the built in password managers - as a matter of fact, i've never really trusted any type of password managers.

You can never trust computers with confidential information like passwords and card numbers!

I love this love for Opera. Theres only two or three places where I need it(because it logs me out, sessions), but I still store a lot in there.

Though 9.00 and 9.01 weren't around for long, I went from 8.5-something to 9.02.

hmm... this is scary! blog sites will be the worst affected domains. any site that lets you customize itself is at risk i guess.

I'm also not a fan of these browsers that have these password managers built-in. But I have actually used them recently due to the time it saves me having to remember all my usernames and passwords for sites I visit a lot.

I remember trying out AI Roboform as it's become very popular but it didn't support Opera. I didn't know it supported Firefox either (maybe just recently). Just did a search and see that they have the extension for it on their site. Switching back and forth on Opera and Firefox as I love both browsers

Firefox has an extension called SpoofStick but I don't think the author updated it to support more recent Firefox versions. Found another one called Petname Tool that will help users avoid those phishing/scam sites. This should users help weed out those suspicious looking sites.

It's best to never write down passwords or even store them in your computer. It's best to commit it to memory.

xboxrulz