Password maintenance and management can be a problem. To keep your accounts safe, you need to come up with a password that is long enough and preferably unguessable. In theory, we should also have a different password for each account so that an attacker discovering one password can’t access everywhere at once.
For example, even if we are not that active on the Internet, we have on average dozens or even hundreds of different online accounts, whether they are e-mail accounts, e-shops, for example, or forums or other services. Remembering so many unique and complex passwords is basically impossible.
The built-in password managers in web browsers have come to the rescue. These store the passwords we choose, but also offer the possibility of creating a strong and completely random password. But should we use these built-in managers?
The good thing about built-in password managers
Almost every major browser already offers this service. Google Chrome, Mozilla Firefox, or Microsoft Edge offer the ability to create, save, and even auto-fill passwords, which comes with a number of benefits:
- Built-in administrators are better than recycling passwords – It’s more secure to use a built-in administrator than one and the same password for all accounts. With an administrator, you don’t have to remember all your passwords or even make them up.
- It’s free – Built-in password managers are browser add-ons and don’t even need to be installed. They can be turned off or on in the settings, but there’s no need to worry about installing or paying for them.
- It’s convenient – There’s no need to get worked up to use it. You can save passwords in one click, and everyone gets used to the autofill right away. Logging in without constantly typing in a password is just great
It all sounds very appealing, doesn’t it? But before you start storing passwords in your browsers like it’s a race, consider a few other things. After all, the most convenient choice may not be the best in the long run.
And now for some negatives
- Password security isn’t top priority – Browsers do a lot to secure passwords, but it’s just not a priority. Other features are usually more important. As far as built-in managers go, you’re more likely to make life more convenient rather than keeping passwords completely secure.
- It’s easier for an attacker to get to passwords – To view passwords in a browser, you typically need to enter a system password or even just a short PIN. If an attacker can physically get to your computer, you need to expect that they will get your browser passwords as well. For home use without carrying your computer around, this may be enough, but for computers that are in contact with other people, this approach is not very secure.
- Not much is known about security – Companies do claim that passwords are encrypted, which is 99.9% true, but very little is known about exactly how. We simply won’t know the details of how secure this encryption is. So we have to rather blindly believe that the passwords are safe.
Nor do the negatives mean that you should avoid built-in password managers out of hand. They are better than using one password for everything. However, experts say that the best choice is to use a password manager that makes it an absolute priority for companies to be clear about how they store and encrypt passwords.