Doesn't matter whether it is Edge, Chrome, Brave, Firefox or any other browser out there. You are taking a huge risk with all your accounts.
Your browser might pop-up asking if you would like to save your account information, credit cards, names and addresses.
It is very easy to export that data once you put it in, attackers can either log in to your user account while resetting your password (which will then allow the attacker to see all your credentials) or by using a Password Stealer (which is available for free to anyone trying to attempt something malicious).
Nowadays, these hackers jump on a forum, pay 15-50$ to create their malware package which normally comes with a Password Stealer implemented in the design of the software package.
If your hard disk isn't encrypted and you have saved personal information in the browser then your operating system user account can be easily hacked and accessed, afterwards all they need to do is open up the browser, put in the password they just hacked, and view all your saved passwords. Hard disk encryption is just as important as not saving credentials in the browser.
Want to see how easy it is?
Password Recovery tools are easily accessible on the internet:
What's a good way to save all my online information then?
We recommend using a Password Vault/Manager, our solution comes with MFA (Multi-Factor Authentication) implemented on deployment with a unique organization key which creates a cryptographic algorithm using it as a factor of encryption.
In short, MFA makes logging in to your account secure while the organization key does encryption randomization to scramble account information.
Looking for a free solution for personal use to keep you safe?
LastPass is one option (cloud based), while KeePass is another (locally based).
Cloud based password managers are considered higher security than locally based password managers because locally based password managers can be hacked or brute-forced.
Disable Chrome from saving passwords across G Suite domain:
Location to turn it on: Devices \ Chrome \ Managed Browsers
There you can set the policy to block saving passwords.
That works for Windows / Mac / Linux users.
If your users use a Chrome device, the password manager can be disabled in:
Devices \ Chrome \ Settings - User & Browser Settings, Tab - Security
You can check the settings to confirm that they are in place.
Important is to select correct OU for those users to apply/change settings.
To disable your browser from saving information:
- Brave: Settings > Advanced > Autofill. Toggle off "Offer to save passwords."
- Chrome: Settings > Autofill. Toggle off "Offer to save passwords."
Same with Payment info, do not save credit card information on your browser.
- Edge: Settings > Profiles > Passwords. Toggle off "Offer to save passwords."
Same with Payment info, do not save credit card information on your browser.
- Firefox: Settings > Privacy & Security. Scroll down to Logins and Passwords and uncheck "Ask to save logins and passwords for websites."
Firefox also gives you the option of designating websites for which the passwords will never be saved.
- Opera: Settings > Advanced Settings > Autofill > Passwords. Toggle off "Offer to save passwords."
Remember to transfer all your saved passwords from your browser to password vault.
Extremely Important - delete the passwords in your browser password manager:
