Why You Shouldn’t Save Your Passwords in Your Browser

In light of the recent Facebook/Cambridge Analytica drama, I believe it’s important to highlight another less publicized issue that unfolded a few months ago.

How many passwords do you have? Email accounts, online banking, music streaming, social media … whether you use one password or ten, it turns out how you save it is just as important as the password itself.

We are now in a time where data has surpassed oil as the most valuable resource in the world.

While many rely on their Internet browser to remember their passwords, a recent scandal in a niche online community reveals we shouldn’t be so quick to rely on our browsers anymore. Here’s what happened, and here is how to protect yourself.

How One Company Revealed Just How Vulnerable We Are

One thing that clients don’t know about me is that I love flight simulation and aviation in general. There’s nothing better than being able to execute a gate-to-gate real world flight plan from LAX to JFK in a virtual Boeing 737-800 or Airbus A320, or exploring the beautiful terrain of the Pacific Northwest in a Bell 407 helicopter.

But in order to fly high fidelity versions of these aircraft, you have to purchase add-on software from various developers. Imagine downloading that add-on and your anti-virus software sends you a warning that it detects suspicious malware. In some cases, people didn’t even receive notice of or realize what had happened. But those who did wanted answers.

It turns out that FlightSimLabs (FSLabs) included a password dump tool in their installer, which is essentially a tool to extract all the passwords saved in your Internet browser.

This malware was intended to target pirates. FSLabs claims it discarded all information that didn’t match pirated serial numbers previously singled out. But all the data was sent unencrypted, and all the passwords from the Internet browser were obtained, not just those of the user. In short, this was incredibly illegal.

So while the intentions of FSLabs may have been honest, many are criticizing their aggressive approach.

And many more are realizing that Internet browsers are not the safest place to keep our passwords.

Now take a moment and think of all those passwords you use. You may think that the flight sim market is a small one and has nothing to do with you, but the truth is that it exposes the vulnerability of our information.

If FSLabs can do it, why can’t others? Is it just a matter of time until more do?

So, what are your options to protect your information?

The Top 5 Password Managers and Generators

You can find detailed information about each option, but here’s a quick rundown:

1. LastPass

My personal choice and the most popular of the 5 provided here
Autofill option plugs in your information on websites, saving you precious time
Stores digital records (i.e. insurance cards, memberships, etc.) in one place
Free and premium options, depending on your needs

2. Dashlane

LastPass’ closest competitor
Autofill option plugs in your information on websites, saving you precious time
Bulk password changer can change many passwords instantaneously in the event of a data breach
Free and premium options, depending on your needs

3. RoboForm

Ability to gain emergency access
Autofill option plugs in your information on websites, saving you precious time
Email customer support available 24/7/365
Free and premium options, depending on your needs

4. KeePass

More suited for the technologically-savvy user
Open source so anyone can investigate it for weaknesses
Multiple-user support
Free option only

5. Sticky Password

Made by people behind AVG Antivirus
Autofill option plugs in your information on websites, saving you precious time
Excellent browser support: 16 browsers on all 4 major platforms
Free, premium, and lifetime options available

There are excellent options available to keep your data secure. Take your time exploring them and rest assured that your personal information can be protected for very little or no money. In this day and age, that means everything.

IS IT TIME TO #DELETEFACEBOOK?

Birthday reminders, family pictures, memes for that mid-afternoon comic relief, or maybe recommendations for local businesses. However you use Facebook, it’s undeniable that this social network has seeped its way into our lives, into multiple generations, and influences how we see the world.

So when the news comes out that over 50 million users’ private information has been accessed and used to influence the elections, many of us are left thinking … so what now? Who’s viewing my information and how is it being used and protected? And the million-dollar question: Should I get off Facebook?

First, let’s wrap our heads around recent events.

WHAT EXACTLY HAPPENED?

Cambridge Analytica accessed the data of millions of Facebook users. The data included details about users’ personal information, their networks of friends, and their “likes.” From this data, they created profiles of people and then zeroed in on them with digital ads to sway their voting behavior.

WHAT IS CAMBRIDGE ANALYTICA?

Cambridge Analytica is a political data firm that collects data, analyzes it, and then combines that with strategic communication to influence elections. The company has been funded in large part by Robert Mercer, a major Republican donor, and Stephen K. Bannon, former advisor to President Trump. The firm was hired by President Trump’s 2016 election campaign.

WAS THIS A DATA BREACH?

Well, no … and yes. When you create an account on Facebook, you consent to researchers accessing your data for academic purposes. What isn’t accepted is for this data to be given or sold to advertising networks or services such as data brokers. And that’s exactly what happened when Dr. Kogan, a Russian-American psychology professor at Cambridge University, gave 50 million profiles to Cambridge Analytica. In doing so, Dr. Kogan violated Facebook rules.

When Facebook found this out, they deleted Dr. Kogan’s app that allowed him to harvest this data. They received certification that the data was destroyed, but it turns out this was not the case. Investigations are now underway with the FTC, Congress, the British Parliament, and the attorney general of Massachusetts.

SO …SHOULD I DELETE FACEBOOK?

First, ask yourself what you use Facebook for. If it’s just the occasional birthday reminder and funny meme, then maybe you wouldn’t miss it that much. But keep these points in mind.

Cons of deleting

Deleting your profile doesn’t stop them from tracking you, nor does it stop them from using the data they have already collected.
Facebook isn’t the only company that collects your data. Other companies will find ways to collect it and sell it, so in the long run, deleting your account probably won’t do that much for your data security.
Essentially, data security is more an issue of corporate surveillance. How are companies tracking and profiling everyone? Mobile devices are essentially tracking devices, and most of us would have a hard time leading our daily lives without them.
Small businesses rely on Facebook to reach their communities, and Facebook advertising has proven very effective to get new clients and keep businesses prospering. Even if you’re not a small business owner, most of us want to support them over their giant corporate counterpart.
It’s the Internet. Nothing will ever go away completely. A truth we must face in these modern times.
You’ll be out of touch. Whether with your community, family pictures and birthday reminders, you’ll have to make more of an effort to stay connected through other means.
Loss of community. Beyond sharing cute memes and cat videos, professionals and small business owners find each other and help each other on Facebook. I personally belong to a few advisor groups where we advise each other on practice management and financial planning topics.

Then again, life did exist before Facebook, and deleting your account could have its advantages.

Pros of deleting

Those people who really want to keep in touch may find other ways to do so. Deleting Facebook doesn’t mean you have to say goodbye to all your friends, though your circle may grow smaller without it.
According to an experiment, people who gave up Facebook for a week ended up happier, less lonely, and less depressed. We don’t have to constantly compare ourselves to others.
You might waste less time browsing and become more productive.
It’ll give you the temporary satisfaction and illusion of controlling your data, however temporary and illusory that may be.

I WANT TO DELETE FACEBOOK, BUT HOW?

If you’ve made up your mind, but aren’t sure how to go about it, follow these steps. It’s more than deleting just your Facebook account.

Delete all Facebook apps from devices (Facebook, WhatsApp, Instagram, Messenger)
Deauthorize all apps and websites from your Facebook account
Go into Ads and stop all tracking there
Get rid of Facebook’s ability to track you
- Follow the prompts on the Digital Advertising Alliance’s opt-out page
- Delete cookies in browsers for every device
Never use Facebook again

BUT WAIT! IS THERE A HAPPY MIDDLE GROUND?

You can minimize its effect by doing the following:

Don’t use Facebook to sign on to other apps and websites.
Only become friends with people you know.
Don’t use the location tagger.
Be careful of what you like and post.

Articles, talk shows, podcasts, and blogs like this one will abound telling you why you should or shouldn’t delete Facebook. Think about your reasons. Is it just to make a statement to big tech companies, keeping in mind that we live in a surveillance state? Are you okay with that? Only you can make this decision, but hopefully your decision will now be an informed one.