We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
We're aware that some users are experiencing technical issues which the team are working to resolve. See the Community Noticeboard for more info. Thank you for your patience.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
MSE News: Google Chrome warning: Be careful with online passwords
Options

Former_MSE_Helen
Posts: 2,382 Forumite
"It's been revealed that online passwords are stored with little security on Google Chrome, so users should beware..."
Read the full story:
Google Chrome warning: Be careful with online passwords

Click reply below to discuss. If you haven’t already, join the forum to reply. If you aren’t sure how it all works, read our New to Forum? Intro Guide.
Google Chrome warning: Be careful with online passwords

Click reply below to discuss. If you haven’t already, join the forum to reply. If you aren’t sure how it all works, read our New to Forum? Intro Guide.
0
Comments
-
Hardly anything new?0
-
What a ridiculous article.
Whilst Internet Explorer and Firefox may give the option of encrypting all your passwords using a "master password", I think you'll find (almost) no one bothers to set one! Where's the dire warning for users of those browsers to set the password?
Ultimately, if the browser is able to send your password to the remote site without you having to type it (or another master password) then quite clearly your computer knows the password, and anyone with access to your computer can find it too!
And given the (lack of) strength of passwords chosen by most users, storing them unencrypted on their own PC is the least of their worries.0 -
My passwords got hacked because of the above. And I didn't understand how. So my son said 'Did you save passwords in Chrome?' to which I replied I didn't know. So without using a password, he went into Chromes ' Advanced Settings' page and there they were, unprotected. They have since been deleted.
And how many other non Chrome savvy users don't know this either? Because not everyones an expert, you know.0 -
My point isn't that this is not a problem. My point is that this is the wrong problem to be worrying about.
1. It's not just Chrome -- people save their passwords in all browsers, and almost none of them will both know how to and be bothered to set a master password in them.
2. It's the wrong problem to worry about. If someone has managed to gain access to your computer to view your unencrypted passwords, they have sufficient access to install a keylogger and get all your passwords anyway.
3. It's entirely the wrong problem as most password compromises happen at the other end. Hackers don't attack a single computer and steal one user's passwords. They attack a company and steal passwords for the entire userbase. Hopefully, if the company is remotely competent, these will be hashed passwords, but well over 50% of passwords are so weak they can be easily guessed by a computer in minutes or hours.
If MSE want to champion computer security, it's certainly a worthwhile cause. But this article is (as usual) misleading and sensational.0 -
Massively much more important is to use different passwords for every site. That way if one site gets hacked, they cant reuse your email and passwords on other sites.
If you want to securely store passwords in Chrome (or other browsers), use an add-on such as Lastpass or Keepass. Lastpass in particular is very good at importing your passwords from your browser, helping you change them to more secure passwords, and making them accessible from any browser you use. (Keepass has a free Android app as well).0 -
As I understand it IE will encrypt the stored passwords with the user's password as the key - so other users shouldn't be able to see them unless they know your password. Not sure about firefox.0
-
Massively much more important is to use different passwords for every site. That way if one site gets hacked, they cant reuse your email and passwords on other sites.0
-
My point isn't that this is not a problem. My point is that this is the wrong problem to be worrying about.
1. It's not just Chrome -- people save their passwords in all browsers, and almost none of them will both know how to and be bothered to set a master password in them.
2. It's the wrong problem to worry about. If someone has managed to gain access to your computer to view your unencrypted passwords, they have sufficient access to install a keylogger and get all your passwords anyway.
3. It's entirely the wrong problem as most password compromises happen at the other end. Hackers don't attack a single computer and steal one user's passwords. They attack a company and steal passwords for the entire userbase. Hopefully, if the company is remotely competent, these will be hashed passwords, but well over 50% of passwords are so weak they can be easily guessed by a computer in minutes or hours.
If MSE want to champion computer security, it's certainly a worthwhile cause. But this article is (as usual) misleading and sensational.
I know what your point was. And a valid one it is too.
But you missed mine. If anyone, be that family, friends, or my childrens mates can view all my passwords via Googles advance settings page, thats just poor. And highly alarming too.
The MSE article is valid. And right to point it out too.0 -
There are a lot of bad things people could do if you leave your computer unattended and unlocked. The easiest solution is to either lock the screen (windows logo key and L) or even better, save some battery life and/or electricity and put it into standby.
Most browsers have this feature and have done for years. It can be incredibly useful if you ever forget a password.
At least in chrome, it only reveals passwords individually. In Firefox, there's a big button which will reveal EVERY username and password you have saved in the browser, meaning someone could get your credentials for your email, facebook, internet banking, and any other accounts you have, instantly.0 -
Thanks for the pointless anti-Chrome sentiment and driving people onto inferior browsers, MSE.0
This discussion has been closed.
Confirm your email address to Create Threads and Reply

Categories
- All Categories
- 350.8K Banking & Borrowing
- 253K Reduce Debt & Boost Income
- 453.4K Spending & Discounts
- 243.7K Work, Benefits & Business
- 598.5K Mortgages, Homes & Bills
- 176.8K Life & Family
- 256.9K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards