One feature most of us enjoy in Chrome browser is its autofill capacity and its ability to remember our passwords and username to enable subsequent easy login.
This feature has made the task of remembering our password an old story for most of us. What we are mostly after now is just to say ok or yes to any popup prompting us to allow our password to be saved or remembered by the browser.
Allowing browsers to keep track of your data is never a problem, but you should be mindful of where the browser you use stores the data they are remembering for you.
Chrome is not the only browser with autofill capability. In this post, I will use Chrome as a case study, but you should also explore the settings of your own favourite browsers to see where your autofill saved data are stored.
I have used chrome for a very long time before I discovered this vulnerable setting option I want to share with you and it is something we all should be mindful of as it might become a deadly tool in the hands of our “frenemies” (by this I mean fake friends).
If you are a Chrome user and allowing Chrome to remember your password is your thing, please join me in these easy steps to see where chrome is saving your password and how easy it is for someone to walk in and download all your saved passwords as a file and walk away.
To see where Chrome stores your saved passwords, simply go to Settings on your system. To do this in an easy way, type the following in your chrome browser search bar and press enter on your keyboard;
Once done, your settings menu will appear.
In the autofill section, select password and you will see a list of privilege you had granted to chrome with regards to password toggled on.
Not only that, but you will also see the list of your chrome saved passwords over a long period at the bottom. This list contains not only your password but also the name of the site the password is used on and the username that goes with the password.
The vulnerability lies in that someone who has or knows your computer password can now just click on the eye symbol beside the password to view and copy it. And the person can log in to your account without your consent on another system.
As disturbing as this might sound, viewing your password is not even the worst case. The person might decide to export all your saved password into a file and carry it handy by clicking on the three vertical dots at the top right opposite where Saved Passwords is written. The only security the person needs to break is just your system password.
As you remain mindful of this setting, you should also be mindful of whom you give access to your system password.
This is not only a case for computer users. It is also applicable to the chrome app on your mobile phone. The only difference here is that it is your Gmail password that is required when one wants to export your saved password not your phone password. But same as the system when one wants to only view your saved password.
To see your saved password on your mobile chrome app, simply go to the Chrome menu by selecting the three vertical dots on the top right. Select settings, then password and you will see the list of your saved passwords under passwords.
To view or copy any of the passwords, simply tap on the one you want to view and select the eye symbol beside the password and you will be prompted to enter your phone password and boom there you have the password.
Know who you allow access to your phone or system password while in the office, home or at a party. Always be cybersecurity conscious.