Storing passwords in your browser – our own expierience

Storing passwords in web browsers is becoming increasingly popular. It offers convenience, a degree of security, speed of use, and accessibility for the user. However, if something is accessible to anyone, it is potentially accessible to someone else, not necessarily with good intentions. Saving passwords in a browser also carries numerous security risks. Many people use password managers built into browsers like Google Chrome or DuckDuckGo to simplify daily logins. While this can be convenient, it’s worth being aware of the potential risks and taking appropriate steps to protect your data.

Google Chrome Password Manager

To access the password manager in Google Chrome, simply click the three dots in the upper right corner and then go to “Settings” > “Autofill” > “Passwords.” From there, users can view, edit, or delete saved passwords. Chrome automatically offers to save passwords when logging in to websites, which is convenient but also potentially dangerous if your device falls into the wrong hands.

Storing passwords in your browser
Storing passwords in your browser

Password Manager on DuckDuckGo

DuckDuckGo, a browser known for its privacy stewardship, doesn’t offer a built-in password manager to the same extent as Chrome. Instead, users can rely on third-party password managers, giving them more control over their privacy. However, DuckDuckGo may remember login details within a session, which is worth monitoring.

Storing passwords in your browser

Storing passwords in the browser – threats – real case

Storing passwords in your browser

Internet portals that can lead to password theft

We have previously written about data security, backups, secure passwords and cybersecurity.

  • Password theft by malware – Viruses and Trojans can intercept passwords stored in browsers when a device is infected.
  • Access by unauthorized persons – if the device is not properly secured (e.g. no password or biometric unlocking), they can easily gain access to the stored data.
  • No encryption – in some cases, passwords may be stored in unsecure text.
  • Phishing attacks – criminals can impersonate login pages to intercept data stored in browsers.
  • Pirated multimedia software sites often contain embedded malware that can activate even after several years
  • Fake online stores – imitate popular shopping sites to capture login details.
  • Dating sites are popular targets for attackers, especially if users use the same passwords in different places.
  • Pages with unsecure login forms – vulnerable to man-in-the-middle attacks.
  • Torrent sites – known for intercepting user data.
  • Websites that pretend to be the secure, authentic ones you use, such as your bank or store, but ask for the data they usually request, such as your card number, PIN, or PESEL number.