Passwords and credit cards are unprotected in version 30+
-
kaminparis last edited by
Has anyone found a way to password or pin protect access to the saved passwords and credit cards settings? In the latest version, it is accessible without any protection of a master password or pin. Thank you in advance.
-
lando242 last edited by
The passwords are tied to your Windows account and can't be accessed unless you are logged in. If someone were to steal your computer they would not be able to get into Opera's saved passwords unless they were also able to get into your user account. If you give someone access to your Windows account, then yes, they are exposed.
Personally, I use a password manager called KeePass. Its free, secure and good for more than just web pages.
-
Deleted User last edited by
The passwords are tied to your Windows account and can't be accessed unless you are logged in. If someone were to steal your computer they would not be able to get into Opera's saved passwords unless they were also able to get into your user account. If you give someone access to your Windows account, then yes, they are exposed.
Personally, I use a password manager called KeePass. Its free, secure and good for more than just web pages.Silly answer.
Of course, if someone steals your computer, they have full access to ALL the (unencrypted) data in the hard drive. The user account "protection" works only as long as you're accessing the HDD through the OS which has the appropriate user accounts.
I was actually bit shocked, that the fantastic new Opera allows passwords to be shown so...easily.
If you have physical access to the computer, you can even reset the user account password (almost regardless of the OS) if you also have access to a 2nd operating system – eg. USB-Linux – which can read the file system of the original OS. This means you'd be able to access the passwords Opera has stored through a couple of clicks...?
While that's alarming, it still requires physical access to the computer. The key question is, are the passwords stored using a sufficient encryption or not? That is, are they accessible to a random malware or someone who stumbles on an unlocked computer who doesn't know the user account password?
By sufficient I mean 'not in the same way in every computer'.
-
lando242 last edited by
If you are logged into your user account and there is malware on it your system then it is compromised. It doesn't matter what web browser you are using. When you use your password to log into your bank or whatever it has to be decrypted to be entered on the webpage. During that time malware can steal it. It doesn't matter if its in a secure password manager or a web browsers password storage or anything. The only time these things can protect your data is when they are not being used.
Its like a lock on your door. Its only working when the door is closed. Doesn't matter how great the lock is if the door is wide open. From that perspective, yes, Opera is safe. The file that stores your data can't be used unless its being used from inside your Windows account. So it can't just be copied off your hard drive by a second operating system and read plain text. But if its accessed while your system is operating, like by malware or a hacker, you are wide open. As with anything else like that.