Do you let your browser remember your passwords and automatically fill them in for you every time you sign into an online account?
If so, you could well be headed for trouble.
As you know, your user password is the master key to most every online account you use.
If a hacker manages to steal it or trick you into handing it over via a successful phishing attempt, he’ll be able to use the ill-gotten password to log into your account and do pretty much anything he wants to do with it.
The thing is, managing (and remembering) the passwords to all our online accounts can be daunting.
That’s why many folks resort to either allowing their browsers to store their passwords or using an extremely dangerous password manager.
(Note: You can read about the security risks of password managers in these posts.)
I know how convenient it is to have your browser store your passwords, but there are so many ways that it can come back to bite you that I strongly recommend against it. Here are just a few of them:
1 – If your computer or mobile device is ever lost or stolen, whoever ends up with possession of it will have immediate and complete access to any online accounts that you have allowed your browser to store the passwords for.
2 – If a hacker ever takes control of your computer remotely over the Internet, he/she will have immediate and complete access to your online accounts if their passwords have been stored. And trust me, this happens all the time.
3 – Storing your passwords will make your accounts vulnerable to roommates, family members, and visitors who like to snoop around on your computer when you aren’t around.
4 – If you allow your browser to store your passwords that means you won’t be typing them for a while, therefore you’re likely to forget them.
Forgotten passwords can usually be reset, but it can be a hassle at times. And with some services (here’s looking at you, Facebook) it can be literally impossible to reset a forgotten password in some situations.
As you can see, allowing your browser to store your passwords isn’t the greatest idea in the world. I can’t claim to be a saint in this area because I used to do it myself. But in today’s world, I strongly recommend against it.
Bonus tip: For the best security always use a strong password that’s easy to remember and enable Two-Factor Authentication on every account that supports it.