These days people have a lot of online accounts, which makes it difficult to memorize all the passwords. Chrome gives you the convenience of saving your login details to Google servers to make it hassle-free for managing passwords. However, Chrome is not alone. Other browsers like Mozilla Firefox also let you store usernames and passwords for immediately accessing websites. But, have you ever wondered if saving your passwords to Chrome, Google, or any other browser is safe or dangerous? Let’s talk about it.
Is it safe to store passwords on Chrome or other browsers?
Well, Google says Chrome encrypts your username and password with a “secret key” known only to your device. And this happens before the data is stored on Google servers, which means that no one, including Google, can access your username or password.
If you visit the password manager section of your Google account, you will learn that even you cannot access your id or passwords. Yes, you read it, right. The search giant will first ask you to enter the password of your Gmail account, after which you will be able to check the details.
While Google never sends an alert when you or, for instance, someone else try to access your passwords, the good thing is you don’t get access to all the passwords at once. So, for example, if you want to check your Facebook username and password, then you will click on it and enter your Gmail password. You will then be able to check the login credentials.
This is a good practice, but you don’t get special alerts for this. Browsers like Firefox don’t even follow this practice, and there is no way to add a security PIN to protect the id and passwords you store to its servers. While Firefox says your data is “secure,” this doesn’t seem to be the case as one can simply open or hack your laptop, access login credentials from Settings > Privacy & Security > Logins & passwords.
Whatever may be the case, it is still not safe to store log in details on any browser, including Chrome, as you don’t always get full protection and risks are always involved. For example, if your laptop gets breached, your data may be compromised. If your Gmail account gets hacked, then the person will be able to easily log into any account or site that you have stored on Google servers. You might have noticed that once you log in to Gmail on your new device, you don’t need to log in again to Play Store or Chrome or Google Photos or Drive. You can easily access everything by just logging into Gmail.
What can you do?
If your Facebook, Outlook, bank and other account passwords are saved to Google, then you should remove them immediately. While several banking sites have a two-step verification system and follow some security protocols, so it might be difficult for the hacker to crack. But, it is advisable not to log in credentials of any account.
The sites or accounts that are not as important can remain in the password manager list.
There is a reason why people are asked to enable Two-Factor Authentication (2FA) as this not only requires you to enter your primary password but also a secondary password, PIN or OTP, which no one knows. This doesn’t mean 2FA is completely hack-proof, as researchers from Stony Brook University and cybersecurity firm Palo Alto Networks have found that some “phishing toolkits” like Man-in-the-Middle (MITM) attacks can achieve this. While people can’t do much about it, they can do one thing – follow basic things to make it harder for hackers to access your data. It is mandatory to enable 2FA for every online account you have, and one should change passwords every month.
ry to keep unique passwords, add secondary passwords or PIN codes. It is very important to use 2FA for your Google account and add a recovery email to the same account. So, if your account gets hacked, then you can immediately recover it using your secondary Gmail account.
How to remove passwords from Chrome?
Just type “Google Password Manager” on your browser, and it will display the official site of Google on the top. Click on it and select any site or account you don’t want Chrome to keep on its servers. The search giant will then ask you to enter your Gmail password, after which you can delete it.