I use Google Chrome for practically all my web browsing, and a few days ago I made a startling discovery after reading this article: Google Chrome’s password security really sucks! Seriously, it’s like taking your password and placing it as a screensaver where anybody who has access to your computer can see it if they only looked.
If you’ve used Google Chrome before, you may have noticed that it is pretty eager to store your passwords for you, offering to do so whenever you enter user data into any form as the screenshot below shows.
However, if you go to Google Chrome’s settings, there’s an option to “Manage saved password” which will take you to the following screen.
The really interesting thing here is that if you click the “Show” button in the password field, it will show your password, without any further security promptings.
In effect, Google Chrome eagerly offers to store your passwords for you, on the premise that it offers you the convenience of not having to retype your user details every time. However, in doing so, it strips out any other layers of security that you may have on your accounts, delegating the security solely to your computer. That is really not a comforting fact considering that it is really easy for someone to gain access to your computer.
Of course, we can start arguing about how your computer should always be protected with a strong password and how you should ensure that it doesn’t get into the wrong hands. If we’re to be really honest though, how many of us can claim to be the sole users of our computers; or that we have really strong passwords; or that we vigilantly monitor the activities of everybody who uses our computers. I doubt it’s a lot of us and I have many friends who do not even have their computers password protected.
So imagine this scenario: a colleague or friend asks to look at a file on your computer and you oblige because it’s not a big deal. Somehow they proceed to go to Google Chrome’s password management page and click “Show” on the passwords fields. Bam! They have just obtained usernames and passwords to your online accounts and who knows what they may do with them. Many people are thus unwittingly trading off the security of their data for the convenience of not routinely entering their passwords every time.
If you’re really concerned about privacy and the protection of your personal information, I suggest you don’t let Google Chrome handle your passwords. And if you really want the convenience that Google Chrome offers with regards to remembering your passwords, there are several options available such as using password managers (e.g. Keepass and Lastpass) or encrypting your Google Chrome data.
Quick NetOne, Telecel, Africom, And Econet Airtime Recharge
If anything goes wrong, click here to enter your query.