In this digital age where seemingly everything requires a password, and password requirements are increasingly strict, it is understandable that users can feel overwhelmed when it comes to remembering all of their login credentials for various websites. But as convenient as the idea may sound, the IT experts at ATB encourage you to forego saving passwords and usernames in your browser. Here are a few reasons why this is one instance where the incremental convenience just isn’t worth the added risk.
The most basic reason not to save passwords in Google Chrome and other internet browsers is that there is not a default master password protecting all of the individual login credentials. What this means is that if someone has access to your computer, they automatically have access to sites for which you have usernames and passwords stored. This could include banking websites and other platforms with personally identifying or confidential information.
And beyond just having access to these sites while they are using your computer, they also have the ability to download a plaintext list of all the passwords you have saved in a given browser with a couple clicks of the mouse. This means that they can walk away and still have access to your accounts.
But these in-person hacks are really just the tip of the iceberg. For example, with Chrome, if a cybercriminal gains access to your primary Google username and password, they are able to access the saved login credentials from a remote location without any further authentication necessary. Passwords saved in Chrome seem to be the most vulnerable to attacks, since Chrome is synched with the greater Google ecosystem, which means that these passwords are available from any location where you’ve signed in with your Google account, but that doesn’t mean that other browsers, such as Firefox, are without issues when it comes to linking passwords.
Even if your business has implemented our best practices when it comes to password policies and requires the use of strong passwords for sites that have access to business data, if your employees are storing these passwords within the browser (rather than using a third-party password manager with a master password), your exposure is probably greater than you realize. Contact us today to discuss your current password protocols – we’re here to help keep your confidential company information safer than ever in 2018.