It happens to all of us. We create a new online account for that must have purchase of a new banana yellow kayak, and the web browser asks, “Do you want to save this password?” Google, Firefox, Edge, Safari… They all do it. Super convenient, right. Because everyone forgets passwords. But is it secure?
A browser based password manager is better than nothing, but it still has limitations; primarily because it is meant as an added feature for convenience and is not a security focused product. With a browser based password manager, if someone can access your device (i.e. phone, tablet, computer), they can access your passwords. Getting to a bank account or other sensitive information is as easy as opening the history, navigating to the website and bang, everything autofills. Depending on your browser, saved passwords may even be visible from settings.
So, does a better option exist or do we just go back to the post-it note stuck to the bottom of the keyboard? Try looking at a password manager. A good password manager encrypts the password with a secure methodology, such as AES-256 and locks the password list behind a master password preventing unapproved access. Advanced password managers allow users to share login access with others (i.e. coworkers) without revealing the password. For a more detailed explanation of the features available, look at these two password managers. Free versions of both are available.