We get it, passwords are a pain in the arse. With so many to remember its easier to simply save them to your browser. You might even know that you probably shouldn’t, but do it anyway. Here’s why you need to cut out immediately.
If you’re saving your passwords to your browser it might be with the best intentions. Maybe you’re not using the same password (or a variation of) for everything. You might even be using lots of hard-to-remember passwords across the web to make it harder for someone to hack all your accounts.
That’s great and definitely a step in the right direction.
Unfortunately, this absolutely doesn’t matter if you’re saving all of your passwords to your browser. Here’s why.
Why saving passwords to your browser is dangerous
Even with all those different passwords, saving to Chrome or Firefox means you’ve created a single point of failure. This means that all a hacker needs is your browser login and they can then access ALL of those other accounts and passwords. They can even export them with the click of a button.
Seriously it’s so easy someone could steal all your passwords without you realising it — especially if you don’t have 2FA or new login alerts on:
This is particularly problematic if you have things like your banking, phone and internet and MyGov accounts saved in there.
Not only would a hacker be able to access all of that information to mess with your accounts and finances, they would have all of your contact information like your phone numbers and home address. They could use this for all sorts of things, like impersonating you or stealing your identity.
If that isn’t enough to freak you out, it might be worth thinking about whether you have tracking on your phone or smart watch. Yeah, they could access your real time location super easily, too.
It can impact your friends and family
Then there’s your loved ones.
Let’s say a hacker gets access your accounts, emails, social media and messaging services. How many times have you and your friends and family disclosed phone numbers, addresses, photos of children and other private information?
How many secrets and sensitive information have you shared?
All of that is up for grabs, ready to be exploited if you’re hacked. And saving passwords to your browser means you’ve given a hacker just one single barrier to be able to access it.
I still don’t want to have to remember all my passwords
Deleting all your saved passwords doesn’t solve the convenience issue, I get it. But that’s where a password manager is super useful.
There’s some great ones out there that don’t just store all your passwords, but generate new ones for you whenever you want with the click of a button. You can even launch the sites you want to login in from straight from the manager for easy access.
Here’s more information on a bunch of passwords managers available right now.
Is this actually safer?
You might be wondering how this is anymore safe than saving to your browser. After all, it’s just another single point of failure.
That’s a great question.
Having a single master password means you can make it hard to crack. And a good password manager will do two extra things for you.
Unlike a browser, a good password manager will use a zero knowledge technique to log you in. This essentially means that your password manager service has zero access to your master password.
So how does it log you in?
It’s a bit complicated but basically the manager will have a ‘public’ password that is linked to the ‘private’ password you type in. It will be able to check that these two passwords belong together and log you in without being able to track or see your actual password.
Still confused? Encrypted cloud storage company, Tresorit, explains it well with a hotel analogy.
Let’s say you check into a hotel, but instead of getting a door key from reception you bring your own padlock and key. While that hotel is proving you with a place to use and store your luggage it doesn’t have access to the room or have a copy of your padlock key.
Zero Knowledge techniques matter because if your password manager company got hacked, it won’t be able expose any of your passwords or information because it doesn’t have any means to access it.
You can also make this even more secure by enabling two-factor authentication to make it even more secure
If this doesn’t sound as convenient as saving passwords to your browser, it’s because it isn’t. But it’s also not that difficult.
At the end of the day, is one less click or two really worth putting your finances, personal information and the safety of yourself and your loves ones at risk?
How to delete passwords from your browser
If you’re ready to delete saved passwords from your browser, it’s super easy.
Chrome
- Click on the three dots in the top right of Chrome
- Go to Settings
- Under the Autofill heading click Passwords
- Look at all the saved passwords in terror
- Click on the three dots next to each website a password is saved for
- Click delete
- Yes they need to be done individually, this is you punishment for saving 120 passwords to a browser
- Scroll back to the top and make sure Offer to save passwords and Auto Sign-in are turned off (grey)
Firefox
- Click on the three lines in the top right of Firefox
- Click Options
- Type ‘passwords’ into the search bar
- Click Saved Logins
- Hit the ‘remove’ button for each of them
Safari
- Go to Settings
- Click General
- Go to Passwords & Autofill
- Click Saved Passwords
- Select each one you want to delete, hit Edit and then Delete
Microsoft Edge
- Click the three dots in the top right of Edge
- Click Settings
- Click View advanced settings
- Go toPrivacy and services and click Manage by saved passwords
- Click X on all the website passwords you want to delete