Do you save your passwords in Google Chrome? In some other browser? This function, which is used by a large part of the population, hides a fairly large and very dangerous security gap. Today we tell you why you should not save your passwords in Google Chrome or any other web browser. Despite seeming like a good way to do it, the reality is very different: they can be hacked without too many complications. We tell you everything you need to know!
Passwords are not secure in Google Chrome
For years, Google Chrome has had a password keychain to store your credentials on different websites. This system is incredibly convenient , since you don’t need to remember which passwords you use on the different web pages you visit.
Nor do you need to enter them every time you want to access, as they are filled in automatically . This whole convenient and easy process is incredibly insecure . The passwords, emails and URLs that you store in Google can be hacked quite easily.
Of course, it is not an accessible process for everyone, but it is for a user who cares about computer security, wants to do some damage and studies the steps carefully.
In a minute they can steal all your passwords
Who supports this theory? The cybersecurity expert Alcasec , one of the best-known ex-hackers nationally and internationally, has made it clear. In Alcasec’s words , “a program can sneak into your computer and remove all the passwords stored in Google Chrome credentials in just a minute “.
And the reality is that yes, there are various methods to be able to extract the Google Chrome passwords of another user without too many complications. We repeat that it is not something accessible to the general public, but it is not necessary to be a hacker to carry it out.
A link, a program or even an email can be used to give a hacker access to your device and extract all your Google Chrome passwords . You can already imagine how problematic this can be for you, since it will have access to almost all your information, shopping sites, etc.
How are Google Chrome passwords stolen?
Of course, we are not going to tell you how to do it, but we are going to tell you some of the keys of an ESET report that reveals the simplicity of the hack . It is enough to have access to the device to be infected, locate the SQLite3 database in which Chrome stores the passwords and export them.
These passwords are encrypted, but with a simple opening process in CryptUnprotectData it is enough to have the plain text of URLs, passwords and emails.
According to Alcasec account, this entire process can be automated with programs developed for this purpose, which enter, remove the passwords and are removed from the device without leaving a trace. All this can be done in a single minute.
Stop using Google to save your credentials
Carrying out this type of hacking is within the reach of a user who wants to take things seriously and study the processes. Years of experience in the world of cyber security are not necessary. This is why everyone, to a greater or lesser extent, is exposed.
If you have your passwords saved in Google Chrome , our recommendation, and that of many cybersecurity experts, is that you stop doing it as soon as possible. Use a password manager, free or paid, with which you will obtain a much more advanced level of security and privacy .
Saving passwords in Google is very convenient and simple, but also very insecure.
