当您登录您的帐户时,您可能已经看到一个弹出窗口来保存您的密码。Chrome、Firefox、Edge等网络浏览器都带有内置的密码管理器。您可以在此处查看所有已保存的密码。如果您将密码保存在特定的 Web 浏览器上,则在再次登录时无需输入密码。浏览器的自动填充功能会输入您为特定网站保存的密码。这是登录您的帐户的最便捷方式。不是吗?好吧(Okay),让我们把方便放在一边。问题是,“在网络浏览器中保存密码有多安全?” (How)这就是我们将在本文中讨论的内容。
在浏览器中保存密码是否安全?
在这篇文章中,我们将看看最流行的网络浏览器的内置密码管理器的安全级别:
- 铬合金
- 火狐
- 边缘
在 Web 浏览器的密码管理器中保存密码可能会让您付出高昂的代价。这是因为任何人都可以轻松登录您的帐户。我们将向您展示如何。
1]如何(How)在Chrome中查看保存的密码(View Saved Passwords)
要在Chrome(Chrome)上查看保存的密码,请按照以下步骤操作:
- 启动 Chrome 浏览器。
- 单击(Click)浏览器右上角的三个垂直点,然后选择“设置(Settings)”选项。
- 单击左侧面板上的“自动填充”选项。(Autofill)
- 现在,单击“自动填充(Autofill)”部分下的“密码”。(Passwords)
在这里,您可以看到所有保存的用户名和密码。要查看密码,您必须单击“眼睛(eye)”图标。但在Windows 10上的(Windows 10)Google Chrome中查看密码并不像听起来那么容易。当用户试图查看保存的密码时,他必须输入Windows密码。这意味着Windows Defender会保护您在(Windows Defender)Google Chrome上保存的密码。
在我尝试查看保存的密码期间,我还尝试了“使用另一个帐户(Use another account)”选项,但Windows Defender也失败了。这就是为什么总是建议让您的Windows 安全(Windows Security)中心保持最新的原因。
但请稍等,Windows 安全中心(Windows Security)已阻止用户查看您保存的密码。它会阻止用户登录您的帐户吗?答案是否定的。当您在Chrome上保存密码时,任何人只需输入您的用户名即可登录您的帐户。这是因为输入用户名后,保存的密码会自动填写。
因此(Hence),将密码保存在Chrome中并不安全。
阅读(Read):如何启用和使用 Chrome 内置密码生成器(How to enable and use Chrome built-in Password Generator)。
2]如何(How)在Firefox中查看保存的密码(View Saved Passwords)
要在Firefox(Firefox)上查看保存的密码,请按照下列步骤操作:
- 启动火狐浏览器。
- 点击(Click)浏览器右上角的三横线
- 选择“登录名和密码(Logins and Passwords)”选项。
- 这将打开Firefox Lockwise ,这是(Firefox Lockwise)Firefox的内置密码管理器。
- 现在,您将在左侧面板上看到所有帐户。
- 点击“眼睛(Eye)”图标,浏览器将显示保存的密码。
与Chrome不同,Windows Defender不会阻止用户查看Firefox中保存的密码。此外,与Chrome一样,Firefox浏览器也会自动填写特定帐户的密码。
因此(Hence),如果您保存了该帐户的密码,任何用户都可以登录您的帐户。
阅读(Read):如何在 Firefox 中设置增强跟踪、保护违规警报、Lockwise(How to set up Enhanced Tracking, Protection Breach Alerts, Lockwise in Firefox)。
3]如何(How)在Edge中查看保存的密码(View Saved Passwords)
要查看Edge(Edge)中保存的密码,请按照以下步骤操作:
- 启动 Edge 网络浏览器。
- 点击(Click)浏览器右上角的三个水平点
- 选择“设置(Settings)”选项。
- 单击左侧面板上的“配置文件”选项。(Profiles)
- 这将打开您的个人资料。现在,选择“密码(Passwords)”选项。
- 向下滚动(Scroll)以查看保存的密码。
要查看保存的密码,您必须单击“眼睛(Eye)”图标。由于Edge是Microsoft Corporation的产品,用户必须通过输入Windows密码来验证自己。此功能可保护您的密码不被他人查看。但这并不意味着任何其他人无法登录您的帐户。与Chrome和Firefox一样,Edge也会在特定网站上输入用户名后自动填写密码。这会使您的帐户不安全。
Edge的一项高级功能是,当有人试图查看您保存的密码时,它会提醒您密码泄露,以便您立即采取行动。这是一个很好的功能。但是,此功能不会阻止任何人登录您的帐户。
将密码保存在网络浏览器中也有另一个阴暗面。黑客(Hackers)总是在寻找获取用户的登录信息。如果您保存密码,他们可以通过cookie 或会话劫持(cookie or session hijacking)轻松窃取密码。
如果您认为两步验证可以保护您的帐户不被劫持,因此没有保存密码的风险,那您就错了。双重身份验证 (2FA) 是保护您帐户的绝佳方式,但黑客可以欺骗您的大脑绕过 2FA(bypass the 2FA)。将密码保存在网络浏览器中使黑客更容易绕过两步验证。
您可以根据需要禁用浏览器中的内置密码管理器(disable the built-In Password Manager in your browsers)。
设置主密码有帮助吗?
为浏览器(Master Password for your browser)设置主密码是在一定程度上缓解此问题的一种方法。然而,这也可以被规避。使用 Inspect Element功能,您可以查看和编辑页面的代码,以便它取消密码。
- 右键单击(Right-click)网站上的密码字段
- 选择检查元素。
- 双击,并用一些文本
type="password"
替换密码。(password) - 按回车
- 关闭检查元素。
- 密码将被取消散列并显示。
这适用于任何操作系统或浏览器。
阅读(Read):如何在 Edge 中使用密码监视器和密码生成器功能(How to use Password Monitor & Password Generator feature in Edge)。
Web 浏览器上的保存(Save)密码选项使登录过程变得容易,但它会使您的帐户和机密数据面临风险。如果为了方便您可以泄露您的机密数据,您可以将密码保存在网络浏览器上。该问题的永久解决方案是永远不要将密码保存在任何网络浏览器上,而是使用好的密码管理软件(password management software)。
Is it safe to Save Passwords in Chrome, Firefox or Edge browser?
You might have seеn a popup to save your passwords when you log into your accoυnts. Web browѕers like Chrоme, Firefox, Edge, etc., come with a built-in password manager. You can view all your savеd passwords here. If you savе your password on a particular web browѕer, yоυ need not enter it when yoυ log in again. Τhe auto-fill feature of the browser entеrs the password that you have saved for a particular website. It is the most convenient way tо log іnto your accounts. Isn’t it? Okay, let’s put convenience aside. Τhe quеstion is, “How safе is saving the passwords in web browsers?” This is what we will discuss in this article.
Is it safe to Save Passwords in your browser?
In this post, we will take a look at the safety level of built-in password managers of the most popular web browsers:
- Chrome
- Firefox
- Edge
Saving passwords in your web browsers’ password managers can cost you high. This is because any person can log into your account easily. We will show you how.
1] How to View Saved Passwords in Chrome
To view the saved passwords on Chrome, follow the below-listed steps:
- Launch the Chrome browser.
- Click on the three vertical dots on the top right corner of the browser and select the “Settings” option.
- Click on the “Autofill” option on the left panel.
- Now, click on “Passwords” under the “Autofill” section.
Here, you can see all the saved usernames and passwords. To view the passwords, you have to click on the “eye” icon. But viewing passwords in Google Chrome on Windows 10 is not as easy as it sounds. When a user tries to view the saved passwords, he has to enter the Windows password. This means the Windows Defender defends your saved passwords on Google Chrome.
During my attempt to view the saved passwords, I also tried the “Use another account” option, but the Windows Defender failed this attempt too. That’s why it is always suggested to keep your Windows Security up to date.
But wait a minute, Windows Security has prevented the user from viewing your saved passwords. Does it prevent the user from logging in to your account? The answer is No. When you save your password on Chrome, any person can log into your account simply by entering your username. This is because after entering the username, the saved password will be filled in automatically.
Hence, saving the passwords in Chrome is not safe.
Read: How to enable and use Chrome built-in Password Generator.
2] How to View Saved Passwords in Firefox
To view the saved passwords on Firefox, follow the below-listed steps:
- Launch the Firefox browser.
- Click on the three horizontal lines on the top right corner of the browser
- Select “Logins and Passwords” options.
- This will open Firefox Lockwise, a built-in password manager of Firefox.
- Now, you will see all the accounts on the left panel.
- Click on the “Eye” icon and the browser will show you the saved password.
Unlike Chrome, Windows Defender will not stop the user from viewing the saved passwords in Firefox. Moreover, just like Chrome, Firefox browser also fills the passwords automatically for a particular account.
Hence, any user can log into your account if you have saved that account’s password.
Read: How to set up Enhanced Tracking, Protection Breach Alerts, Lockwise in Firefox.
3] How to View Saved Passwords in Edge
To view the saved passwords in Edge, follow the below-listed steps:
- Launch Edge web browser.
- Click on three horizontal dots on the top right corner of the browser
- Select the “Settings” option.
- Click on the “Profiles” option on the left panel.
- This will open your profile. Now, select the “Passwords” option.
- Scroll down to see the saved passwords.
To view the saved passwords, you have to click on the “Eye” icon. Because Edge is the product of Microsoft Corporation, the user has to verify himself by entering the Windows password. This feature protects your passwords from being viewed by another person. But it doesn’t mean that any other person cannot log into your account. Like Chrome and Firefox, Edge also fills the passwords automatically after entering the username on a particular website. This makes your account insecure.
One advanced feature of Edge is that it alerts you about the password leak when someone attempts to view your saved passwords so that you can take immediate action. This is a good feature. However, this feature will not stop anyone from logging into your accounts.
Saving your passwords in web browsers also has another dark side. Hackers always remain in the search of getting login information of the users. If you save your passwords, they can steal them easily by cookie or session hijacking.
If you think that two-step authentication will protect your account from being hijacked, hence, there is no risk of saving the passwords, you are wrong. Two-factor authentication (2FA) is an excellent way to protect your account, but hackers can trick your mind to bypass the 2FA. Saving the passwords in web browsers make it easier for hackers to bypass two-step authentication.
You can if you wish, disable the built-In Password Manager in your browsers.
Setting up a Master Password helps?
Setting a Master Password for your browser is one way to mitigate this issue up to an extent. However, this too could be circumvented. Using Inspect Element feature, you can view and edit the code of a page so that it will unhash a password.
- Right-click the password field on a website
- Select Inspect Element.
- Double-click on
type="password"
, and replace password with some text. - Hit Enter
- Close Inspect Element.
- The password will be un-hashed and revealed.
This will work on any OS or browser.
Read: How to use Password Monitor & Password Generator feature in Edge.
Save password option on web browsers makes the login process easy, but it puts your account and confidential data at risk. If you can compromise your confidential data for the sake of convenience, you can save the passwords on web browsers. The permanent solution for the problem is never saving the passwords on any web browser but use a good password management software instead.