Why You Shouldn’t Store Passwords in Browsers

A lot of people do it and let’s be honest you are sacrificing password security for convenience.

Don’t get me wrong it’s better than storing your passwords in a password.xlsx file or having the same username and password for every website you go on!

“But my excel file is password protected” – doesn’t matter, there is no excuse good enough to ever justify storing password in a spreadsheet, not even a “password protected” one.

But let’s dive into why a web browser’s password manager is not safe, especially in a business environment.

1.      Web browsers are not designed to be password managers. The management function in a browser is an added feature, no password structure, no customization for length, no special characters.

2.      Browser password managers are not as secure as say, Keeper, Dashlane or LastPass. Unlike these most browser password managers do not support encrypting and locking all login data.

3.      Web browser breach, most web browsers sync across multiple devices and all it takes is one breach to expose all your passwords to Xero or Sage or whatever it may be.

4.      Sharing passwords, unlike password managers you cannot share to your team easily, most people will send the password on a Team’s chat or write is down on a post note.

5.      Can you be sure users lock their devices when they go away from their desk? I mean you should have policies in place to automatically lock the desktop lets honest, but when does that kick in? 5, 10, 15 mins?

6.      How many users just shut the laptop lid at the end of the day and leave everything open in the background? Why is this a problem? You are not ending the active browser session, preventing unauthorized access to sensitive information like logins to online banking etc

Most password managers also come with a Dark Web monitor, letting you know if a password has been breached and then you can automatically change it with a click of a button!