Significant SSL Threat: Password Flaws Found by Researchers

The most commonly used security system to protect passwords over the internet has been cracked by researchers at one of Switzerland's top technology universities. A team at the Federal Institute for Technology in Lausanne said they had been able to . . . The most commonly used security system to protect passwords over the internet has been cracked by researchers at one of Switzerland's top technology universities. A team at the Federal Institute for Technology in Lausanne said they had been able to decipher a password in less than an hour.

"It is the first time we have noticed a security problem in the SSL protocol itself and not in how we use it or how we implement it," Professor Serge Vaudenay, director of the institute's security and cryptography lab, told the BBC.

But the researchers say the loophole does not apply to credit card transactions, as banks and e-commerce sites use a different type of SSL (Secure Sockets Layer) technology.