Why password autofill is risky

Why password autofill is risky

Many people use password autofill on their web browser or password manager for convenience. The feature, however, can be used by hackers and advertisers to access user accounts and gather your sensitive information without your consent.

Why password autofill is so dangerous

Modern web browsers and password managers have a feature that enables usernames and passwords to be automatically entered into a web form. This feature isn’t completely safe, however. If you enable this feature and hackers gain access to your computer or web browser, it will be easier for them to infiltrate your accounts because the autocomplete feature will fill in all saved credentials.

Tricking a browser or password manager into providing saved information is incredibly simple. All a threat actor needs to do is place an invisible form on a compromised webpage to collect users’ login information. Once the browser or password manager enters the user’s information, the hacker will gain access to that data.

Using autofill to track users

Shrewd digital marketers can also use password autofill to track user activity. For instance, they can track people based on the usernames in hidden autofill forms they place on websites and sell the information they gather to advertisers. While they don’t intend to steal passwords, there’s always the likelihood of exposure.

One simple security tip

A quick and effective way to improve your account security is to turn off autofill. Here’s how to do it:

  • On Microsoft Edge – Open the Settings window, click Profiles, and then select Passwords. Disable “Offer to save passwords.”
  • On Google Chrome – Open the Settings window, click Autofill, and disable “Offer to save passwords.”
  • On Firefox – Open the Settings window, then click Privacy & Security. Under the Logins and Passwords heading, untick the box next to “Autofill logins and passwords.”
  • On Safari – Open the Preferences window, select the Auto-fill tab, and turn off all the features related to usernames and passwords.

Having good password security habits can significantly protect your sensitive data. For 24/7 cybersecurity support that goes far beyond protecting your privacy, call us today.

Published with permission from TechAdvisory.org. Source.

Shawn Meyer

Shawn Meyer

Shawn has over 20 years experience in utilizing various technologies for implementation, management, and administration of Fortune 100 Enterprise Level distributed environments. As part of the management team, Shawn oversees Enterprise IT and Consulting engagements for RJ2 Technologies’s clients. Prior to RJ2 Technologies, Shawn was the regional IT manager for a large entertainment corporation and was recognized for his change management leadership during a complex system-wide conversion to digital media. In addition, Shawn has worked with various clients throughout the Chicagoland area. Shawn enjoys spending time with his wife and three energetic kids and volunteers for a variety of nonprofit organizations in the Chicagoland area.