[ad_1]
the safety of our passwords It is essential to prevent personal information and services from being exposed to third parties and it has become extremely popular to trust browsers’ own password managers, and that can be a serious mistake.
And it is that, while a dedicated password management program has a lot of functionalities of securitynow the main web browsers already include their own password management manager, a built-in function that perhaps you should not rely on so much.
Specifically, the most popular browser, Google Chrome has its own password manager called Google Password Manager, but according to experts, you shouldn’t trust it.
Now from Mashable they have contacted several representatives of companies dedicated to password management in the web environment and they have not left the browser in a very good place Chrome.
What the experts think
“Despite continuous warnings from cybersecurity experts about vulnerabilities in browser password managers, Internet users continue to fall for them because they are convenient.“, it states Thomas Smalakystechnical director of NordPass.
“Google’s password manager doesn’t use zero-knowledge encryption“, it states Craig Lurey, co-founder and CTO of Keeper. “In essence, Google can see everything you save. They have an ‘optional’ feature to enable password encryption on the device, but even when enabled, the key to decrypt the information is stored on the device“.
“Hackers use social engineering methods to trick Internet users into downloading new extensions that can easily extract data stored in a browser“, it states Thomas Smalakys. “While there is nothing wrong with storing passwords in the cloud, a company must ensure that user data is encrypted before storing it in the cloud. Therefore, Internet users should choose a service provider that guarantees end-to-end encryption.”.
“Any password manager is better than none at all”, warns Michael Crandell, CEO of Bitwarden. “The limitation of browser-based password managers is that they only work within a walled garden. If you ever need to operate in another browser, or in an environment where that browser doesn’t reach, it’s not convenient.”.
Lurey adds that Chrome is not compliant when it comes to password manager security standards, and this feature is unique to this browser.
On the other hand, Crandell points out “the lack of important features in these browser-based password systems”, such as lacking secure password sharing with friends and family, support for biometric login and security key, and other features.
And Smalakys adds that “many browsers do not require a master password or multi-factor authentication (MFA). Google allows MFA, but does not require it. And in fact, there is no master password. If you leave your desktop with Chrome active, anyone with access can sign in to your accounts. The same is true if you allow someone else to use your phone.”.
In this way, you should be aware that before sharing your passwords with browsers like Chrome, you should know that they do not use zero-knowledge encryption techniques that protect to a greater extent nor do they use a master password, while password management programs Dedicated phones are more secure and offer many more features.
[ad_2]
Leave a Reply