As you browse the web and create new accounts, your web browser stores a database of logins. The next time you visit a website, your browser analyses your previous logins. If it finds a match, it enters the appropriate login information. This database of passwords stored in your browser is not as secure. According to the browser, if hackers were to gain access to your computer, they could extract the contents of the database and gain access to all your private credentials.
What about cookies?
Cookies are used to remember your password, but not in the same sense as passwords stored by browsers. The websites you visit use cookies which are only placed on your computer once you have logged in.
The purpose of cookies is to prevent you from having to log in for every new page you visit after you have logged in. Your login information is not stored in a cookie. Instead, the website to which you have logged in places a code on your machine. This code remembers your identity and confirms that you have already logged in. This code is unique to the website and your computer.
Do cookies expire?
Yes, cookies are often time-limited. This is why you are logged out of a website after a certain period. Cookies are deleted when you log out of a website. You can also set your browser to delete them when you close it.
Password management on the 3 main browsers
Google Chrome
Almost 60% of the world’s internet traffic passes through Chrome browsers. So it’s impossible to talk about browser security without starting there. On Windows and Mac OS X, the Chrome password manager prompts users to create a master password before registering a web login password themselves.
In theory, this should keep users’ passwords safe. But if an unauthorised user opens Google Chrome on Linux, the web browser will not ask for identification.
There are also ways to reset the user’s password on Windows. This gives immediate access to Google Chrome’s list of saved passwords. This is because Chrome’s “master password” is automatically set to the user’s Windows password.
Simply use a tool such as iSumsoft Windows Password Refixer to reset the Windows password. You will be able to access all the passwords stored in Chrome immediately.
Safari
Safari is the built-in browser application on every iPhone, iPad and Mac computer on the market. This browser requires users to set a master password before saving users’ passwords and login details.
Safari is slightly more secure than Chrome because it requires the user to set a unique master password. Unlike Chrome, a Safari user can set a password separate from their operating system password and lock their passwords behind it. However, there are other ways to circumvent Safari’s password manager.
Mozilla Firefox
Firefox is a well-known alternative to Chrome and Safari. It includes almost all the features of its more popular competitors, including password management.
Firefox’s built-in password management tool is more similar to Safari’s than to Chrome’s. It allows the user to set a unique master password rather than simply using the user’s operating system password as the default. However, it does not force users to do this.
This means that users who do not secure their Firefox passwords behind a master password leave their credentials wide open to access by anyone.
A more secure alternative to browser-based passwords
One way to avoid the risk of browser-based passwords is to create a “master password” in your browser’s login database. Master passwords prevent someone from simply clicking on “Login” and accessing a private website as you. They also encrypt your password database. This prevents a hacker from stealing your sensitive login information.
In a business environment, all it takes is for a malicious employee to access sensitive company information from your unlocked computer while you are having lunch for the company to be at risk.
Secure your passwords with dedicated software
A better solution for protecting your private credentials is to use a secure password program like LastPass.
It’s free and you can use it on your PC and Mac without restriction. There are versions available for any platform and device you want. A paid version with additional security layers is available if required.
Conclusion
With the advent of secure and easy-to-use password tools like LastPass, there’s really no reason to use saved passwords in the browser. Make sure you use a strong and secure master password. Consider additional layers of security to reduce the risk of your passwords being compromised. Above all, never save passwords in a browser on a computer you do not control.
