The Dangers of Password Autofills

The Dangers of Password Autofills

Dennis Snider

263 Posts




It appears that some advertising networks are now using tracking scripts to harvest the email addresses that your password manager enters into websites as part of the autofill function. That alone would be cause for concern, but it appears the same technology could be used to harvest your password as well. This applies to all password managers in browsers and browser extensions; users are advised to disable autofill functions to protect their information.

The way this happens is that certain third-party advertising scripts, which are present on virtually every website you visit, create invisible login/password boxes and prompts the autofill feature to fill them in, thereby gaining your password without you even knowing it.

This problem is not something that could happen, is something that is happening; around a thousand of the most popular million websites contain this vulnerability, according to experts. At present, it appears only to be used for harvesting usernames and emails, but the opportunity is there to use it to harvest passwords any time.

The best way of protecting yourself against the security threat is to make sure that you have a different password for every website to which you log in; if you do, the worst-case scenario is that somebody is able to log into a specific website in your name. If you use the same password for everything, once a third-party has your login to one website, they can gain access to your email, your bank accounts, and everything else you use the same password for.

Many of us have trouble remembering multiple passwords, so a good option is to use a password manager such as LastPass or 1Password that saves passwords for you; these managers have options to disable autofill either completely (in which case you would have to cut-and-paste usernames and passwords from the list contained in the manager) – the safest option but one which removes a lot of the convenience of a password manager – or partially, so that the manager only fills in details when prompted to by you, ensuring that you only give your details to that specific page.

Password managers are definitely preferable to using the autofill function in your browser; some browsers, like Microsoft Edge and Google Chrome, have no facility to disable autofill, while others like Firefox make it unnecessarily complicated. In the long run, hopefully, the creators of browsers and password managers will be wary of this threat and prevent autofill plastering your login on every webpage you visit, but for now, disabling autofill is definitely the safest option.

9 thoughts on “The Dangers of Password Autofills

  1. Deneen

    I have been browsing on-line more than 3 hours as of late, but
    I by no means found any interesting article like yours.
    It’s beautiful value enough for me. In my view, if all website owners and bloggers made good content material
    as you probably did, the web hosting sites will be a
    lot more useful than ever before.

    August 11, 2020 at 3:26 am Reply
  2. Gene

    Its like you read my mind! You appear to know a lot about this, like you wrote the book in it or
    something. I think that you could do with a few pics to drive the message home a bit, but instead of that, this is excellent blog.

    A fantastic read. I’ll definitely be back.

    my blog: hosting services

    August 13, 2020 at 11:29 pm Reply
  3. Sherri

    Very nice post. I just stumbled upon your blog and wanted to say that
    I’ve really enjoyed surfing around your blog posts.

    After all I’ll be subscribing to your rss feed and I hope you write again very soon!

    Take a look at my homepage :: cheap flights

    August 24, 2020 at 1:12 am Reply
  4. Annis

    What’s up, everything is going perfectly here and ofcourse every one is
    sharing facts, that’s really excellent, keep up writing.

    Here is my blog post … cheap flights

    August 24, 2020 at 3:11 am Reply
  5. Opal

    Does your site have a contact page? I’m having trouble locating it
    but, I’d like to send you an email. I’ve got some recommendations for your blog you might be interested in hearing.

    Either way, great site and I look forward to seeing it expand over

    Stop by my blog post; web hosting sites

    August 25, 2020 at 6:33 am Reply
  6. Nichol

    Hello, I wish for to subscribe for this blog to get most up-to-date updates, so where can i do it please help out.
    cheap flights yynxznuh

    August 26, 2020 at 6:33 pm Reply
  7. Lillian

    These are truly enormous ideas in about blogging.
    You have touched some pleasant factors here. Any way keep up wrinting.

    Have a look at my homepage: black mass

    August 30, 2020 at 9:30 pm Reply
  8. Kayla

    Hi there to every body, it’s my first visit of this blog;
    this webpage includes awesome and actually fine
    stuff designed for visitors.

    My web blog; web hosting reviews

    September 5, 2020 at 1:13 am Reply
  9. Alphonso

    Stunning story there. What occurred after? Good luck!

    Feel free to surf to my web-site; web hosting services

    September 5, 2020 at 7:14 am Reply

Leave a Reply

Your email address will not be published. Required fields are marked *