6 reasons why you shouldn’t use your web browser’s password manager
Password managers have become so essential that web browsers offer integrated solutions. While browser-based password managers are free, third-party stand-alone solutions are also available.
But it would help if you didn’t use your browser’s built-in password manager. And here’s why.
Which browsers have built-in password managers?
Consumer browsers provide password management functionality. No surprises here, as it’s just a way to make sure you’re hooked up to the ecosystem.
The list of mainstream browsers with built-in password managers includes Google Chrome, Edge, Firefox, Opera, Safari, and Brave. These password managers work to some extent the same as the stand-alone alternatives. One thing that makes browser-based password managers so appealing is the convenience.
They are very convenient, no additional downloads are necessary and your passwords are automatically synchronized with your data. You log into your account and you are good to go. Also, browser-based password managers are all free, with no limitations, at least in terms of the features available.
On Chrome, for example, passwords are saved in your Google account and you can access them by going to passwords.google.com. But if you’re not signed in, Chrome will save the passwords locally.
And when you enter a password on a site for the first time, your browser prompts you to save it. Chrome will then provide the login credentials the next time you want to sign in to that specific site whose credentials are stored in its vault.
Why you should avoid browser-based password managers
While such a capability is good, you shouldn’t be using browser-based password managers. Here are a few reasons why.
1. Difficult to change browser
The first benefit of using third-party dedicated password managers is cross-platform support. You can use stand-alone password managers on virtually any platform and across all browsers. You can’t say the same for browser password managers.
Suppose your passwords are stored in Opera; you cannot access it in Google Chrome.
It’s a bummer, especially if you change browsers frequently. Standalone password managers give you autonomy and best of all, even if a platform is not supported, you can access your vault using the web version.
The only browser that offers some autonomy is Firefox which renamed its password manager function to Lockwise and released a standalone app on Android and iOS.
2. They don’t include easy and secure sharing options
Stand-alone password managers provide a convenient and secure way to share credentials. On the other hand, browser password managers don’t. This can be a problem for some, especially if you share online accounts with family or friends, be it music and video streaming services like Spotify and Disney +.
Third-party password managers include family packages, which provide shared folders that all members can access. Shared Folders are a typical feature of Password Manager that allows you to share specific credentials in a convenient and secure manner.
If you update a password, it will be updated for everyone – no need to share the password ever.
Password managers also offer two sharing options: one-to-one and one-to-many. It’s as convenient as it gets.
3. You cannot store more than passwords
Modern password managers let you save more than just passwords. You can store your photos, videos and documents. And they offer you a few gigabytes of secure cloud storage for this purpose. You can also store notes, addresses, payment cards, and even a driver’s license.
On the other hand, browser-based password managers don’t offer any such thing. You cannot save your documents, notes, or media files. They only support storing passwords.
Most of them, including Chrome, Firefox, Safari, Edge, and Opera, allow you to store payment cards. But that’s all. So if you want to store more than just passwords and payment cards, you’d better switch to third-party password managers.
4. Not as powerful as standalone password managers
In short, browser password managers just aren’t as powerful as their third-party alternatives. As an example, let’s look at the password generator feature on Chrome. It automatically generates unique and strong passwords, but it is on their terms.
You cannot customize the generated password to suit your needs. There is no option to adjust the length of the password, and there is no way to tell Google whether to include symbols or numbers, both, or neither. This lack of customization is standard for browser-based password managers.
Unfortunately, this is an essential password generator feature that even internet based password generator websites found in a search offer. With browser password managers, you also can’t add notes to every saved entry or even alternate top-level URLs with similar credentials.
5. Limits you to browser use only
While some browser password managers like Firefox’s Lockwise now have a stand-alone application, other browsers like Safari do not. This means that you cannot use autofill passwords outside of the browser. If you want to log into your Twitter account through the app, you need to copy your password and username and paste them.
It’s not as convenient as what you get with standalone password managers; not to mention the security implications since some applications can access the contents of your clipboard.
Of course, if you’re using Chrome, you can skip all the niceties and sign up or sign in to apps through your Google Account. On iOS, it is more convenient to directly save your app passwords or have them on Safari. But other than the latter two, the remaining browser password managers are not practical for filling in app passwords.
6. Security issues
While browser-based password managers have generally improved on the security front, unlike in the early days, some cybersecurity experts still feel they aren’t secure enough. This is especially true when browser password managers are compared to their stand-alone alternatives.
While they store your passwords very well and are very handy, browser-based password managers are more susceptible to malware attacks through JavaScript, according to security software company Avira. Visiting malicious websites with password-stealing Trojans is just one way for a hacker to steal your credentials.
And for those who care about privacy, the lack of a self-hosted option can be a problem.
That’s not to say that browser password managers aren’t safe to use. In terms of security, they are correct.
On the other hand, stand-alone password managers are designed with security in mind. They include bank-level Advanced Encryption Standard (AES) 256-bit encryption and zero-knowledge architecture. They also have advanced multi-factor authentication using hardware keys as well as other security features.
Switch to stand-alone password managers
Browser-based password managers provide only a few of the basic functions that are needed. However, you will lack the autonomy to change browsers as you wish, fill in passwords on applications, store more than passwords, and secure the sharing of credentials.
You also miss other extras offered by password managers like emergency access and advanced security features.
If you’re ok with basic functionality, browser-based password managers are enough, although we don’t recommend them. Switch to standalone password managers today.
Read more
About the Author