Never save passwords in your browser

Here’s why you should never save passwords in your browser – they are unsafe there and easy to extract. Guess what? The tools that broke browser password encryption a million years ago can still do the job today, and pretty well. Let me show you how.

Just Never Save Passwords in Browsers

For example, take me, or you. We log in to Facebook a dozen times a day. We have been vigilant and have kept our passwords long and complex so that the bad guys are not able to guess them and break in. But to make our lives easier, we type in our password and log in nice and easy. The browser, say Chrome, asks us ‘Do you want to save your password?’ You don’t want to type your password in every time you want to stalk your ex-girlfriend. You click on ‘Yes’, and the next time you wish to log in, the password manager fills in the password for you in the right place and you only need to click the button to get back in.

Here’s what happens to your password in the background

No web browser will save your password in clear text for all to see. It will run a standard encryption algorithm on your passwords and store them in a database. Even if I get hold of the database and try to read it, all I will get is junk.

So you are safe, right?

Nope. All I need to do is run a tool like this and all your usernames and passwords will be visible to me. I don’t even need to know where your password databases are stored or which browser you are running. The tool is scripted to extract everything and decrypt it, and it even lets you dump the contents to a CSV file that you can carry off on your pen drive. It is that easy. One solution is to never save passwords at all. But that’s tough.

[Screenshot: never save passwords in web browsers. Sorry for the heavy censoring!]

How do you prevent someone from stealing all your passwords?

Simple. Don’t save them in the browser’s own password manager. It is of no use in terms of security. You have other alternatives.

Alternatives like KeePass. It is free and open source and is widely trusted as an offline password manager. It works fairly simply and keeps you safe. There is another: LastPass, my personal favorite, as it syncs your passwords across multiple devices. You can now get LastPass on multiple devices for free as well. Premium features include added support among other benefits. The free version should do fine.

In short, if you wish to save passwords at all, use dedicated password management tools and not the ones integrated into browsers.