You might have seen a popup to save your passwords when you log into your accounts. Web browsers like Chrome, Firefox, Edge, etc., come with a built-in password manager. You can view all your saved passwords here. If you save your password on a particular web browser, you need not enter it when you log in again. The auto-fill feature of the browser enters the password that you have saved for a particular website. It is the most convenient way to log into your accounts. Isn’t it? Okay, let’s put convenience aside. The question is, “How safe is saving the passwords in web browsers?” This is what we will discuss in this article.
Is it safe to Save Passwords in your browser?
In this post, we will take a look at the safety level of built-in password managers of the most popular web browsers:
Saving passwords in your web browsers’ password managers can cost you high. This is because any person can log into your account easily. We will show you how.
1] How to View Saved Passwords in Chrome
To view the saved passwords on Chrome, follow the below-listed steps:
- Launch the Chrome browser.
- Click on the three vertical dots on the top right corner of the browser and select the “Settings” option.
- Click on the “Autofill” option on the left panel.
- Now, click on “Passwords” under the “Autofill” section.
Here, you can see all the saved usernames and passwords. To view the passwords, you have to click on the “eye” icon. But viewing passwords in Google Chrome on Windows 10 is not as easy as it sounds. When a user tries to view the saved passwords, he has to enter the Windows password. This means the Windows Defender defends your saved passwords on Google Chrome.
During my attempt to view the saved passwords, I also tried the “Use another account” option, but the Windows Defender failed this attempt too. That’s why it is always suggested to keep your Windows Security up to date.
But wait a minute, Windows Security has prevented the user from viewing your saved passwords. Does it prevent the user from logging in to your account? The answer is No. When you save your password on Chrome, any person can log into your account simply by entering your username. This is because after entering the username, the saved password will be filled in automatically.
Hence, saving the passwords in Chrome is not safe.
2] How to View Saved Passwords in Firefox
To view the saved passwords on Firefox, follow the below-listed steps:
- Launch the Firefox browser.
- Click on the three horizontal lines on the top right corner of the browser
- Select “Logins and Passwords” options.
- This will open Firefox Lockwise, a built-in password manager of Firefox.
- Now, you will see all the accounts on the left panel.
- Click on the “Eye” icon and the browser will show you the saved password.
Unlike Chrome, Windows Defender will not stop the user from viewing the saved passwords in Firefox. Moreover, just like Chrome, Firefox browser also fills the passwords automatically for a particular account.
Hence, any user can log into your account if you have saved that account’s password.
3] How to View Saved Passwords in Edge
To view the saved passwords in Edge, follow the below-listed steps:
- Launch Edge web browser.
- Click on three horizontal dots on the top right corner of the browser
- Select the “Settings” option.
- Click on the “Profiles” option on the left panel.
- This will open your profile. Now, select the “Passwords” option.
- Scroll down to see the saved passwords.
To view the saved passwords, you have to click on the “Eye” icon. Because Edge is the product of Microsoft Corporation, the user has to verify himself by entering the Windows password. This feature protects your passwords from being viewed by another person. But it doesn’t mean that any other person cannot log into your account. Like Chrome and Firefox, Edge also fills the passwords automatically after entering the username on a particular website. This makes your account insecure.
One advanced feature of Edge is that it alerts you about the password leak when someone attempts to view your saved passwords so that you can take immediate action. This is a good feature. However, this feature will not stop anyone from logging into your accounts.
Saving your passwords in web browsers also has another dark side. Hackers always remain in the search of getting login information of the users. If you save your passwords, they can steal them easily by cookie or session hijacking.
If you think that two-step authentication will protect your account from being hijacked, hence, there is no risk of saving the passwords, you are wrong. Two-factor authentication (2FA) is an excellent way to protect your account, but hackers can trick your mind to bypass the 2FA. Saving the passwords in web browsers make it easier for hackers to bypass two-step authentication.
You can if you wish, disable the built-In Password Manager in your browsers.
Setting up a Master Password helps?
Setting a Master Password for your browser is one way to mitigate this issue up to an extent. However, this too could be circumvented. Using Inspect Element feature, you can view and edit the code of a page so that it will unhash a password.
- Right-click the password field on a website
- Select Inspect Element.
- Double-click on
type="password", and replace password with some text.
- Hit Enter
- Close Inspect Element.
- The password will be un-hashed and revealed.
This will work on any OS or browser.
Save password option on web browsers makes the login process easy, but it puts your account and confidential data at risk. If you can compromise your confidential data for the sake of convenience, you can save the passwords on web browsers. The permanent solution for the problem is never saving the passwords on any web browser but use a good password management software instead.