How Browsers Store Your Passwords (and Why You Shouldn’t Let Them)
▻http://raidersec.blogspot.in/2013/06/how-browsers-store-your-passwords-and.html?m=1
Bref : L’article prend la perspective du méchat voleur de MDP.
RaiderSec
Texas Tech Security Group
On apprend que Firefox tient l’exclusivité d’un système de sauvegarde des mots de passe effectivenment sécurisé - à condition d’activer un mot de passe principal bien long et compliqué.
Chrome
Difficulty to obtain passwords : Easy
...
Internet Explorer
Difficulty to obtain passwords : Easy/Medium/Hard (Depends on version)
...
Firefox
Difficulty to obtain passwords : Medium/Very Hard
Password Algorithms : Internet Explorer 10 (Windows Vault)
▻http://insecurety.net/?p=933
▻http://insecurety.net/wordpress/wp-content/uploads/2012/12/Untitled1.jpeg
For whatever reasons, there was a pretty significant reduction in Vault features between Windows 7 and 8. Below is a list of what was removed.
Creation / Deletion of vaults.
Loading / Unloading external vault files.
Locking / Unlocking vaults with additional password protection.
Protection Methods
Windows 7 has 2 methods available but Windows 8 only has 1.
DPAPI (Data Protection API) is used by default but on Windows 7, you can also use a password.
The algorithm used to protect passwords is RSA PBKDF2.