When we are using a browser and it detects that we have entered a password, it offers us the possibility of saving it and using it the next time it is necessary. It’s very convenient, you can access secure pages without the “hassle” of typing long passwords that you can’t remember. It can also give a false sense of security, since by not typing the passwords the Keyloggers* will not be able to register them.
But if it’s all advantages… Why shouldn’t we store the passwords in the browser?
These passwords are stored in a file (encrypted) that can be accessed by certain types of malware.
If you leave your computer unlocked, the passwords saved in your browser can be accessed without any problems. In Chrome just go to chrome://settings/passwords to show them.
Even if you leave your computer locked, another user with administrator rights could still access your passwords.
Encryption of passwords stored in Firefox is vulnerable, information can be broken and accessed. It is a problem that has been known for years and has not yet been solved.
Some online marketing companies have begun to abuse tracking of users and their habits, even if they do not have cookies. At least it looks like it’s not being used to steal credentials so far.
Storing passwords allows us to forget to remember them and easily access sites but we lose security…. Using an application like NoMorePass is the solution. NoMorePass stores the (encrypted) passwords on your mobile device and enters them when necessary by focusing on the computer screen with the camera. A simple and safe process.
If you want to use safely your passwords, please visit this pixel privacy post to receive much more valuable tips (and still using nomorepass).
* Malware capable of detecting, storing and sending passwords to a database for fraudulent use.