Common browsers like Firefox or Chrome are actually there to display websites on the Internet. In the meantime, however, they offer many more extras such as the creating and storing of passwords. But should browsers even be trusted with your login credentials?
How to make it easy for hackers
Today, employees need to manage more and more access to websites. Of course, it is convenient to have your passwords quickly at hand on the web. Opening the password manager first and creating a new password is too cumbersome for many users. They use the obvious solution to park their credentials in the browser: Users just find it hard to resist when the notification pops up if the entered password should be saved immediately. But also for browsers, a common saying applies: “A cobbler should stick to his last.” As in the browser, your passwords are left unencrypted, just waiting for brute force attacks and co. to get them. Thus, the browser makes it easy for attackers to read out the login data stored in plain text via malware.
Passwords in the browser: Convenience meets risk
Keep considering: What if a stranger would gain access to your computer? He could easily log in to all applications stored in your browser. Especially lost or stolen devices such as smartphones, laptops, and tablets would then represent an enormous security risk. This allows third parties to quickly access their login credentials to social channels, email accounts, etc.
Some browsers offer the use of a master password as a solution to this problem. In practice, however, this works after a fashion. After all, who wants to type in a highly complex password every time you start your browser? Above all, you would be back to the beginning: You would have to remember a password again and type it in to get to your data. So we strongly advise you to disable browser extensions such as from Chrome for your employees. Better use the add-ons from Password Safe to create and store new passwords …
Use Password Safe browser-add-ons
With the new add-on extension in version 8.7, Password Safe offers a safe alternative: If the user logs on to a website whose login credentials are not known in Password Safe, a pop-up will automatically appear in the browser. The pop-up asks whether the login credentials should be stored or updated and then securely transfers the data to Password Safe by synch. No more annoying switching, no more security risks from storing through the browser.
By the way: A password generator is now also integrated into the new add-on. This allows you to create highly complex passwords exactly where you need them. The password is stored in the clipboard and can be transferred to Password Safe in the next step. Read more about our add-ons in our help section!
Get more information on the browser extension here.