The Dangers of Storing Passwords in Web Browsers
DC the Computer guy
Why is storing passwords so important? Because following the guidelines to make unique passwords for every account makes remembering all of your passwords impossible. That being said, storing passwords in a web browser seems like a convenient solution. It isn’t. That very convenience is what makes it their greatest flaw – your passwords are too easily accessed by anyone who gets on your computer.
Having worked my way up in IT, and now owning a managed services provider, I’ve experienced the struggle with passwords firsthand for a very long time. When web browsers first started offering this feature, it seemed like the perfect solution because, in addition to remembering the passwords for me, they would auto-populate the fields.
What’s not to love?
As it turns out, quite a lot.
While working with a recently hacked client, we discovered that all of their web browser-stored passwords were exposed – which is why I thought this would be a great topic for a video blog.
Click below for my Video on the Dangers of Storing Passwords in a Web Browser
Think about this for a moment, the average person has 80 to 100 passwords. Security experts tell us that every login should have a unique password, 12-16 characters long passphrase and should never be written down anywhere. That means, that the average person is expected to remember 80 to 100 Strong Passwords, many of which will only be used occasionally.
Is it any wonder that people love the idea of storing their passwords in a browser?
Fortunately, there is a better option.
DON’T MAKE IT EASY FOR THE HACKERS
Chrome, Firefox, Edge, Safari – they all allow you to save passwords, and they all have inherent weaknesses that cybercriminals can exploit. With 1 in 3 people in the United States being victims of cybercrime, using browsers to store your passwords puts them all in one vulnerable place, making them easy to steal when you get hacked.
PASSWORD HARVESTING
Credential theft is on the rise. Cybercriminals are coming up with more ingenious ways of stealing user names and passwords because those have a high value on the dark web. The majority of business security breaches and personal identity theft occurs because of stolen credentials. Once you recognize that cybercrime is all about monetizing stolen information, it becomes clear that everyone is a target.
THERE IS HOPE
With a Password Manager, it is possible to securely store all of your passwords and easily access them when needed, and all you have to do is remember one password. A password manager is just an application that allows you to store, generate, and manage passwords in a secure way. Most are encrypted cloud-based services that are available within your browser through an add-on. In addition, most of them can also be used on smartphones, so since we all keep our smartphones handy, we always have easy access to our passwords.
FINAL THOUGHTS
With phishing attacks on the rise and cybercriminals organizing specifically to steal credentials – Cisa has identified Russian hackers sponsoring a specific Password Harvesting threat – it is more important than ever to securely store your passwords and I strongly recommend using a Password Manager. Personally, my favorite password managers is 1Password, but there are many to choose from. If you want to do your own research, I suggest Googling “top password managers 2024” and you’ll find articles that offer pros and cons for the most popular and secure password managers available.
Better yet, contact us and see why we are Simply the Best Choice for IT Support.
As always, if you have any questions or want to discuss IT service options, please get in touch with us here at CLARK by emailing support@clarkcomputerservices.com or giving us a call at 301-456-6931.
President And Owner
I left big business to start Clark Computer Services in 2003; not because I had a grand vision, but because I had three young children who needed their Dad around. Knowing I had to replace my salary, I went door-to-door visiting small businesses to introduce myself and ask if they needed IT support. I heard story after story from business owners and office managers about IT companies not returning calls and emails, grumpy technicians showing up late or not at all, and systems being down for days, weeks, and in some cases…months. I realized quickly that there was a clear and pressing need for reliable, honest, and professional IT support completed pleasantly and on time.