Web Browsers today offer a built-in password manager, and auto-populate username and password on the websites you visit. This is a very convenient feature offered by virtually all web browser makers including Google Chrome, Safari, Firefox, and Microsoft Edge. The question is whether you can trust browser password managers to store your passwords without a security risk.
We use various websites on a daily basis and having to remember usernames and passwords for each website we use is overwhelming especially for those websites we do not often use. We all know we have to use strong passwords, and do not reuse the same password across multiple websites. We also know that writing down a clear-text password on paper or saving them on the cloud is not a good practice. How do you keep track of several dozens of usernames and passwords for websites you use? Are built-in browser-based password managers good enough to use? The simple answer is yes if you do not wish to purchase a commercial-grade password manager. Although premium password managers such as the Dashland, Keeper, NordPass, and 1Password offer richer feature set, browser password managers have advanced to offer decent level of security protection. Our recommendation would be to use a premium password manager, but browser password managers will also provide the protection you wouldn't have gained otherwise.
Without using a password manager, our memories wouldn't keep up with complexities required to maintain good password security and would use one of the following bad practices:
- Use weak passwords.
- Reuse same password in multiple websites and accounts.
- Save clear-text password on a paper or in a clouod.
The only way to avoid using the above is to use a password manager, and a browser-based password manager can help us achieve that. Depending on the type of browser you use, the mileage may vary but the recent advancement in browser manager offered by Google and Firefox are worth noting. The current browser market share as of December 2020 is Chrome (66%), Safari (19%), Firefox (4%), and Edge (3%). Some of the benefits offered by browser password managers include:
- Browser password managers are cross-platform. Whether you use Windows, Mac, or Linux; the browser you use will manage your passwords independent of the devices you use.
- Google recently launched passwords.google.com to store password vault in your Google account outside of Chrome browser, and is protected by your google account password much like the master password used to protect the vault. Firefox also enables you to create a master password to manage your passwords.
- Google, Safari, and Firefox password managers detect weak and compromised passwords and provide an option to change them.
- Safari on iCloud Keychain offers features similar to Google password manager with iTunes password as the master password, but it is only limited to the Apple ecosystem. Safari without the iCloud keychain works much like the Edge and Opera.
- Most browsers including Chrome, Safari, and Firefox can now suggest strong passwords.
Some of the cons of using browser password managers as compared to third-party password managers include:
- No native 2FA support.
- Only limited to browser based web logins, and not able to manage iOS or Android app passwords.
- Security protocols used in browser password managers are less secure than the third-party password managers.
- Sharing passwords between family members is not allowed.
- Not able to store other information such as the credit card, SSN and other secure information.
Conclusion
The browser password managers still needs some security enhancements, but it's much better than not using one. Of the many browsers, Google Chrome and Firefox have the better security features implemented than other browsers. Safari on Mac can utilize iCloud Keychain to manage passwords, but it's only limited to Apple ecosystem.
With brands like LassPass and Opera being hacked, no single security system is secure enough to protect everyone. Browser password manager is not perfect, but if it is used with a 2FA it will provide much secure authentication platform.
Share this post
Leave a comment
All comments are moderated. Spammy and bot submitted comments are deleted. Please submit the comments that are helpful to others, and we'll approve your comments. A comment that includes outbound link will only be approved if the content is relevant to the topic, and has some value to our readers.
Comments (0)
No comment