The BIGGEST Password Mistake!

Photo by Richy Great on Unsplash

In this article, we are going to talk about why you shouldn’t save your passwords to your browser. This is a HUGE mistake if you are doing this. We’ll discuss in more detail below.

If you use a modern browser such as Chrome, Firefox, or even Edge, then you’ve probably seen a little notification that pops up when you first log into a website. It asks you if you want to save your username and password. How convenient you think. How awesome is this is probably another thought that crosses your mind.

While it can be a tremendous time saver have your browser store all those passwords for you, there are some serious drawbacks that I’d like to highlight in this article. If you have ever used your browser to store your username and password, you’ll want to stick around because we’ll be discussing some the biggest risks you have if you utilize that feature.

Okay, so I’m not going to lie. I’ve used the feature on the browser that allows you to save your password. It almost immediately pops up and whenever you change your password, it reminds you to update your stored credentials to match the new ones. This is an amazing feature. Best of all, it stores your unique passwords for each website. Every time you come to the website, there it is, prefilled for you. Life can’t get any better. Except there are some issues with using this feature. Let’s jump into it.

First, every password is saved on your one browser. In order to see the list of all those passwords, all you need is the administrator password for your computer. This one feature ruins it. It doesn’t matter how safe, strong, and unique your password is. It doesn’t matter if you use a different username and password for every website. It doesn’t matter if you update your passwords every 90 days. None of that matters if only one admin password can show and expose all of your hard work.

With one password, an attacker can gain access to your entire catalog of usernames and passwords. In my opinion, this isn’t very safe. You might be thinking, but I’m the only one that uses my computer. Well, what happens when you sell or pass on your computer to someone else? Do you take the appropriate precautions to wipe your computer clean? What if you have your admin password written down and someone finds it in your house? They then have access to every stored password. Worst case scenario, you log into a public computer and save your username and password in a public browser. Then, any person that comes after you might be able to see or log into your account since your credentials are saved. If you ever log into a public computer, please make sure you either use incognito mode or just make sure to log out and not save your credentials.

The next problem is that it makes you forget your password. Because you never have to retype your passwords, your passwords are more likely forgotten. Easy solution, write your passwords down. . . but then we are back to violating password safety guidelines. I’ve met countless people that depend on the browser saving their passwords that they need to reset their passwords whenever they log in from a different device. This then begins an endless loop of constantly having to reset your password because you forget what you change it to. Then your previous browser still has the old one saved and the new password doesn’t work because you forgot it. So then you update it in that browser and the cycle continues.

Moral of the story, if you can avoid it, please don’t use the browser to save your passwords. It’s much more secure to use unique passwords that are long and easy to remember so you can avoid having to save them or writing them down.

If you enjoyed today’s topic, make sure that you follow me here on Medium. If you want to find me and all the other work I’m working on check me out on:

If you want to listen to the audio version of this article, make sure you listen to our podcast

I’m an engineer working professionally in San Diego, CA. I’m trying to improve every day and use this space to document. Connect: apetech.me/social

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store