Why You Shouldn’t Save Your Passwords in Your Browser
In light of the recent Facebook/Cambridge Analytica drama, I believe it’s important to highlight another less publicized issue that unfolded a few months ago.
How many passwords do you have? Email accounts, online banking, music streaming, social media … whether you use one password or ten, it turns out how you save it is just as important as the password itself.
We are now in a time where data has surpassed oil as the most valuable resource in the world.
While many rely on their Internet browser to remember their passwords, a recent scandal in a niche online community reveals we shouldn’t be so quick to rely on our browsers anymore. Here’s what happened, and here is how to protect yourself.
How One Company Revealed Just How Vulnerable We Are
One thing that clients don’t know about me is that I love flight simulation and aviation in general. There’s nothing better than being able to execute a gate-to-gate real world flight plan from LAX to JFK in a virtual Boeing 737-800 or Airbus A320, or exploring the beautiful terrain of the Pacific Northwest in a Bell 407 helicopter.
But in order to fly high fidelity versions of these aircraft, you have to purchase add-on software from various developers. Imagine downloading that add-on and your anti-virus software sends you a warning that it detects suspicious malware. In some cases, people didn’t even receive notice of or realize what had happened. But those who did wanted answers.
It turns out that FlightSimLabs (FSLabs) included a password dump tool in their installer, which is essentially a tool to extract all the passwords saved in your Internet browser.
This malware was intended to target pirates. FSLabs claims it discarded all information that didn’t match pirated serial numbers previously singled out. But all the data was sent unencrypted, and all the passwords from the Internet browser were obtained, not just those of the user. In short, this was incredibly illegal.
So while the intentions of FSLabs may have been honest, many are criticizing their aggressive approach.
And many more are realizing that Internet browsers are not the safest place to keep our passwords.
Now take a moment and think of all those passwords you use. You may think that the flight sim market is a small one and has nothing to do with you, but the truth is that it exposes the vulnerability of our information.
If FSLabs can do it, why can’t others? Is it just a matter of time until more do?
So, what are your options to protect your information?
The Top 5 Password Managers and Generators
You can find detailed information about each option, but here’s a quick rundown:
1. LastPass
- My personal choice and the most popular of the 5 provided here
- Autofill option plugs in your information on websites, saving you precious time
- Stores digital records (i.e. insurance cards, memberships, etc.) in one place
- Free and premium options, depending on your needs
2. Dashlane
- LastPass’ closest competitor
- Autofill option plugs in your information on websites, saving you precious time
- Bulk password changer can change many passwords instantaneously in the event of a data breach
- Free and premium options, depending on your needs
3. RoboForm
- Ability to gain emergency access
- Autofill option plugs in your information on websites, saving you precious time
- Email customer support available 24/7/365
- Free and premium options, depending on your needs
4. KeePass
- More suited for the technologically-savvy user
- Open source so anyone can investigate it for weaknesses
- Multiple-user support
- Free option only
- Made by people behind AVG Antivirus
- Autofill option plugs in your information on websites, saving you precious time
- Excellent browser support: 16 browsers on all 4 major platforms
- Free, premium, and lifetime options available
There are excellent options available to keep your data secure. Take your time exploring them and rest assured that your personal information can be protected for very little or no money. In this day and age, that means everything.