Why You Should Never Save Your Passwords/Credentials to Your Browser

Why You Should Never Save Your Passwords/Credentials to Your Browser

Storing passwords, user names, or credit card numbers on your computer seems like the perfect solution to the conundrum of trying to remember all the information, especially when following experts’ advice to not repeat them. Having a browser auto-populate those fields on different sites might also prevent keylogger malware from capturing the information. However, there are good reasons why letting the browser save those credentials may compromise data security, and allow others to snoop into sensitive data.

Saved passwords can allow unauthorized access

A hacker may be able to figure out passwords easily, but if you store passwords in a browser, even a nosy family member or prankster co-worker can find them. Browsers save passwords in a list you can pull up to view anytime. While most web viewing software masks them with dots or asterisks, they also offer the option to show them as text, so it doesn’t take much effort for someone using your device to access them. And, even if you don’t save passwords for bank accounts or credit cards, if you use the same one you’ve used on a less sensitive account, important data may be compromised. If the passwords follow any type of pattern, someone with a little patience and determination may even be able to guess the ones not saved.

Storing passwords makes all devices vulnerable

With stored passwords, someone seeking access to accounts may not need to physically access your devices. Some viruses and malware can steal the password list remotely. If so, the person responsible for those attacks can access your accounts at any sites you’ve saved those credentials on. And, depending on your password habits, they may be able to retrieve the log-in information for other, more sensitive data. Also, if you sell your computer without clearing all data, the new user can, with the right knowledge, retrieve your credentials. One option for guarding info is a password journal stored in a secured drawer or other location, away from casual prying.

Storing passwords impacts memory

The main benefit of saving passwords is not having to enter them every time. While that sounds like a convenience, it can mean that users forget those passwords more readily. Entering a user name and password often creates a type of motor memory. Then, there’s no need to run through the time-consuming “forgot password” process to use the accounts on a different device.

Prevent most security issues with password manager and other tools" width=

The most basic means of maintaining data safety is to use a different password for every site or account without saving or recording them. But, when there are enough of them accumulated, they become difficult to remember. However, there are other options to protect both your accounts and your memory.

First, add a firewall and other data encryption to devices. With those safeguards, hackers may not be able to bypass intrusion prevention and data-theft protection protocols, even if they get the log-in credentials. These external appliances also provide web content and email filtering, anti-spam protection, and proxy blocking. Be sure to encrypt laptops, netbooks, tablets, and phones, as well as desktop computers. Adding multiple layers of security, including anti-virus software, may encourage hackers to find other, easier to access targets.

A password-saver utility allows secure storage by requiring the use of a strong master password to access them. Many offer strong-password generators. For those that don’t, remember that longer is better. Pick a password that contains at least 12 characters. Avoid repeated characters like arbitrary combinations of letters, numbers, and symbols. Avoid single words, numerical sequences, or personal information. Also, don’t change passwords too often. Needing a new password every month often results in weaker passwords.

Finally, opt for two-factor authentication (2FA) when it is available. With this extra security layer, users must have the password and a second tool to access the site or account. Secondary requirements might include texted codes, answers to security questions, fingerprints, voice recognition, or even a separate physical device or token. This won’t remove all the risk, but it may make breaking into your accounts more trouble than it’s worth.

Saving credit card information

If you shop online a lot, it’s tempting to save your credit card information so you don‘t have to type in the 16 digit number every time you buy something. However, saved credit cards make it easy for someone to make unauthorized purchases on your account. Even with security protocols in place, it’s still a good idea to take the extra minute or two to type in your credit card information manually every time you shop.