Store Your Password in Your Browser to Increase Security
Do you know that storing your password in your browser actually increasess ecurity against certain malware? Specifically, saving your username and password in the browser secures you from keyloggers.
What Does a Keylogger Do?
This type of malware logs keystrokes each time you press a key on your keyboard. Think about what you do when you shop online. You open your browser, type a website into the browser, and then find merchandise you want to buy.
Once you've loaded your shopping cart, you check out. Checkout systems ask you for personal details such as your full name, billing and shipping address, phone number, email address and credit card information. Some ecommerce stores even ask you to set up a username and password to access the system in the future.
A keylogger tracks every letter you type. This means that all of the information you typed, including sensitive data and the ecommerce URL in the browser, is logged. The logged files are then sent to a private server where the hacker can read all of your typed information. Your ecommerce store username and password can be seen, along with your credit card details and billing address.
Security and Storing Data in the Browser
Assume you decided to store your information in the browser. Instead of typing a username and password and credit card details, you type a few letters and the browser prompts you to choose from stored data. Since a keylogger only has access to what you type, the hacker only gets the URL typed in the browser and a few letters before you were prompted. If you have your information stored, it's never typed, and the hacker's keylogger attack is left neutralized.
The disadvantage to this security is that your information is stored on your computer's hard drive, which leaves your computer open to other vulnerabilities. Some security experts argue that if an attacker is able to gain access to your machine, then storing passwords in the browser in an attempt to thwart keyloggers is useless. The argument is that the hacker already has access to your computer, so the malware can send saved browser from data to the hacker.
For a user or security administrator, the pros and cons should be weighed. If you indiscriminately install browser extensions, stored password and credit card information could be hacked with a malicious extension. If, however, you don't install many third-party tools, this security technique could be useful in case you're unfortunate enough to install a keylogger.
If you run antivirus software on your computer, you have a level of protection that defends against keyloggers and malware that steals data from keystrokes. However, malware creators continue to maneuver around defenses to install malicious software even with antivirus protection. Storing at least partial data in the browser protects you from keyloggers, but users should always be careful about storing sensitive data and updating antivirus software in case of other threats.