Don't Save Passwords in Your Web Browser

Learn why browsers are a dangerous place for passwords

browser graphic

In This Article

• Strong passwords keep you safe online

• Web browsers will store them for you

• But that can be very dangerous…

— If your computer is hacked

— If your computer is lost or stolen

— If you use multiple devices

• There's a safer alternative

(No time to read right now? Just want to see the list of things to know? Here you go.)


Introduction

passwordsAs you might know, using long and strong passwords is the best way to secure your online accounts.

You might also be aware that your web browser (Chrome, Firefox, Edge, Safari) can store passwords for you. Many people use this feature.

We'll explain why it's a really bad idea.


Strong Passwords are Hard to Remember

hard to rememberLet's agree that the problem with using strong passwords is that they're really hard to remember, especially when security experts tell us to never use the same password on more than one website.

Letting the web browser store them is easy and convenient.

But if you use more than one browser, or use one on your phone and a different one on your computer, that convenience vanishes because you'll have to maintain your passwords in multiple places.


Serious Risks

However, there are more serious risks with having your browser store your passwords, such as…

  Anyone with physical access to your computer or phone (or can hack in remotely) can open the browser and display all of your passwords (some browsers require authentication for this, but hackers know ways around that).

  If you lose your computer or phone (or have it stolen) and don't have proper security on it, all of your passwords can be found.

  If you use the same browser on multiple devices (for example a phone and a laptop), your passwords are flying around the Internet as the browser tries to keep them in sync. A hacker intercepting that synchronization can capture your passwords.


A Good Alternative

We recommend using a password manager to generate and save passwords instead of using your web browser.

lastpass logoA password manager is a browser extension (and app on phones) that does three things really well:

  Generates strong passwords (like “N!79GbKPn43SKUf^ubK43ex”)

  Saves those passwords and the websites they're associated with

  Encrypts (“scrambles”) them on your computer or phone so anyone looking at them just sees gibberish

Password managers do require you to remember one “master password”. They will then remember hundreds or thousands of passwords for you.

There are free password managers and paid versions. For the basic features shown above, the free versions are fine.

password managersWe recommend LastPass, which our staff has used for over 10 years. Others include Dashlane, Keeper, 1Password, and KeePass.

LastPass will synchronize your passwords between different browsers and multiple devices (computers, phones, etc.) and do so in a heavily encrypted manner so there's no danger of your passwords “leaking out”.

Another reason why password managers are better than just letting your web browser save passwords is that they only do one thing. Password manager companies are not trying to create good web browser software with all the features that requires. They're just focused on making password management easy and safe.


Have We Convinced You?

If we've convinced you that saving passwords in your browser is not the safest thing to do, your next question is probably, “How do I delete the passwords already in my browser?”

That depends on which browser you use. Here are the steps…

  Google Chrome

  1. Open a Chrome window.
  2. Click on the three dots on the top right corner and then click Settings.
  3. Select Passwords - you’ll see your saved passwords.
  4. To delete an individual password, click on the three dots next to it and select Remove.
  5. To delete all passwords, go to Clear Browsing Data from Settings > Advanced and select Passwords.
  6. To prevent Chrome from remembering passwords, toggle the switch to the Off position where it says Offer to Save Passwords.

  Microsoft Edge

  1. Open an Edge window
  2. Click on Settings and More
  3. Select Settings and go to Privacy and Security
  4. Under Clear Browsing Data, select Choose What to Clear
  5. Select Passwords and click on Clear

  Mozilla Firefox

  1. Open a Firefox window
  2. Click on the menu option in the top right corner
  3. Choose Options then select the Privacy and Security tab
  4. Go to Saved Logins under Forms and Passwords
  5. You'll see your saved passwords
  6. You can delete individual entries from this list or click on Remove All to clear all passwords
  7. Close the window after you delete the passwords

  Apple Safari

  1. Open a Safari window
  2. Click on Safari in the menu bar and select Preferences
  3. Go to the Passwords tab
  4. You'll see your saved passwords. Select the password you want to remove and click on Remove
  5. To delete all passwords, click on Remove All

Summary

It's quick, easy, and convenient to let your web browser save passwords for you.

But that's a risky move since hackers and others can easily view your passwords. Using a password manager like LastPass is free, simple, and much more secure.


Questions?

If you have any questions about anything here or if there's an issue you'd like us to write about please get in touch.

Want More Info Like This?

Get our Free Newsletter