Auto-Complete Passwords Can Be Risky
2 min read
Have you been wondering how those companies that place targeted ads or “helpful” suggestions find you? Well, you probably know that part of the answer comes from these companies, and social media sites you visit, collecting data on websites (and social media sites) you visit, then use this information to figure out what ads would interest you. This practice, as annoying as it can be, has been going on for more than a decade. But now there is another online tracking method marketers and advertisers are using, and it come with some serious cyber-security concerns.
Auto-Complete (Auto-Fill) Passwords
Do you know how many online accounts you have? Probably not. It turns out that in 2015, the last year for which this information is currently available, the average internet user had signed on to an average of 90 accounts. Think about it: if you started using the internet seriously in 2000, that 18 years or five accounts per year. Admittedly, most would have come in the past 10 years, but if you are like most people, you have probably signed up for retail accounts, research accounts, social media accounts, financial accounts, medical accounts, greeting card accounts, just-for-fun accounts, etc., etc., etc. They add up. And the fact that your computer allows you to quickly auto-fill the online applications for these accounts makes it easier to do so, results in many people signing up for more accounts than they otherwise would have. But unbeknownst to many of us, this can be risky. And this risk can extend from someone’s personal accounts to your business. A good step forward is a discussion with a managed IT support company that can monitor, manage and maintain your IT infrastructure and protect it against cyber intrusion.
Why? Because it is surprisingly easy for a cyber-thief to trick your browser or your password manager into letting them have your information. Once they have compromised a webpage (social media, retail, medical, etc.) they can place an invisible form on that page that can collect the user’s login information, personal or the company’s. Security professionals have known for some time that marketing companies have been using similar techniques to collect non-sensitive data for marketing analysis, but have more recently become aware that bad actors are using these techniques to steal passwords and other information.
One way to beat them is to turn off auto-fill in your browsers.
Chrome: open Settings, then click Advanced, then Manage Passwords.
Firefox: Options, then Privacy, and under History “Firefox will: Use custom setting for history. A new window will open where you can disable “Remember search and form history”
Safari: Preferences, then select the Auto-fill tab, then turn off all username and password options.
Internet Explorer: Google “turn off autofill in Internet Explorer” as it changes based on your version.
Cyber-security is a complex subject, and getting more intense daily. We’re here to answer any questions you may have. Just give us a call at 770.569.4600.
