The ability to have an internet browser save and autocomplete your passwords can be incredibly convenient—especially when you have a unique, complex password to remember for each of your user accounts—but this convenience comes with a hidden security cost. Unsurprisingly, hackers have discovered that auto-fill provides an easy way to track your online activity and steal your data.
Why auto-fill passwords are so dangerous
As of December 2018, there were 4.1 billion internet users in the world. Each of these individuals has to create dozens of passwords to protect their accounts and meet the security requirements of the platforms they use—long story short, that's a lot of passwords.
In response, most web browsers have integrated a mechanism that enables usernames and passwords to be automatically entered and saved in a web form. While convenient, the problem lies in the fact that it is incredibly easy to view passwords in modern web browsers. All a hacker needs to do is place an invisible form on a compromised web page to collect users’ login information.
Using auto-fill to track users
For over a decade, there's been a password security tug-of-war between hackers and cybersecurity professionals. However, few people realize that digital marketers also use password auto-fill to monitor user activity.
Digital marketing groups AdThink and OnAudience have been placing these invisible login forms on websites to track online activity and sell user data to advertisers. While they've made no known attempts to steal passwords, this raises serious concerns about online privacy.
One simple security tip for today
A quick and effective way to improve your security posture right now is to turn off auto-fill in your web browser. Here's how to do it:
- If you’re using Chrome – Open the Settings window, click Advanced, and select the appropriate settings under Manage Passwords.
- If you’re using Firefox – Open the Options window, click Privacy, and under the History heading, select “Firefox will: Use custom settings for history.” In the new window, disable “Remember search and form history.”
- If you’re using Safari – Open the Preferences window, select the Auto-fill tab, and turn off all the features related to usernames and passwords.
Good password hygiene is an easy and necessary step that end users must take to protect their data from hacks and breaches. Want to learn more about how you can safeguard your business from the ground up with advanced cybersecurity protection? Contact us today.