In the recent years you seen browsers like Chrome have options to save your username and password as well as your credit card information so when you go to a specific URL (where enter the domain name you want to go to in to the browser) if it a login it tries to auto fill your information that it had asked you to save the last time you logged in or credit card information from you last purchase you saved. These features are very useful but are they really safe and secure. I am going to use Google’s Chrome browser is the example, but other browsers are very similar.
In recent years we have seen browsers like Google Chrome give options to save your username and password as well as credit card and other personal information to be used later for automatic login or to auto fill your information for future purchases or purposes. While these features are very useful and we find them convenient, is your information really safe and secure?
In this blog, I’ll use Google’s Chrome browser as the example because it is similar to most other major browsers.
They are all free to use and they do ask you before saving your information. I will let you after the research I have done you may think twice let a browser save your important Password Information. This article also contains additional information and resource links to inform you even more.
Let’s talk about how browsers save your information. Chrome actually saves your information on your local device in a known sub-directory with a simple encrypted file. In the case of Google Chrome browser, if you are actually paying for their suite products then they use the cloud service and that allows for better encryption.
With the free version of Chrome, computer hackers already know where the password file is kept. That is the first hurdle the hacker easily gets over. In many cases, they just make a copy of the file since there’s only one and then downloads it to their computer. In some cases, you will never be aware they downloaded your file. All of this allows a hacker to have unlimited time to figure out the encryption and get your information This is the problem with single file and single database security.
The next thing to consider is the safety of the device where the password file or database is located. What protection is provided to you? In addition, is your password information in one file or database or more than one? Hackers know the location of the file or database, so that doesn’t stop them from just downloading a copy of the file or database to their computer. Now they have all the time in the world to break it and you have no clue they did it. This is a very big con to all single file or database password manager system which is most of them.
There are further things that must be understood about the safety of your Password Manager’. Your information is not actually “stolen” because they just downloaded a copy to their device. But, once a hacker has your username and password information, they can access your accounts, learn about you, and build a profile about you.
Google’s does this with gmail.com on their free service and Alexia under the prefix that they are giving you a better user experience but who what data profile have they gleaned from your account profile. They may not be actually selling your specific data, but it allows them to create profiles of people’s worth, sex, height, weight, medical conditions and more, and that they can sell. They do make you aware of it in their User Terms & Conditions and Privacy Policies, but most people don’t read those details, but instead just click the box that they agree, giving them Carte Blanche to their information.
In Conclusion
Using a browser’s Password Manager is likely better than not using anything at all, but there are better products out there that are also free and that provide you much better protection. Before looking any further, consider the features and advantages of PwdGuard before using less safer options.
I have also included a few resource articles you might be interested in;