Viewing a single comment thread. View all comments

t1_j81gqoa wrote

I save all my password in the browser saving password thing, is it bad?


t1_j81n0vi wrote

Information is encrypted before sending to Google ( I am assuming you are using chrome), so even Google doesn't know your passwords. Therefore, generally pretty safe.


t1_j82rr2e wrote

> Information is encrypted before sending to Google ( I am assuming you are using chrome),

That's a new feature (only since June 2022), and AFAIK isn't automatically enabled.


t1_j85kajk wrote

Definitely not. It's been used way longer. No one sends plain text passwords since the late 2000s unless it's an amateur made website.


t1_j864onn wrote

I guess Google is made by amateurs, since on-device encryption was introduced just last year.


t1_j8729eg wrote

completely a different thing and this encrypts using your device and you need to enter your password to decrypt it. The password is still is not being sent to google as plain text and has never been.


t1_j87uadc wrote

Are you really arguing that "well, technically it's sent via TLS" is actually adequate for a password manager?


t1_j81tph3 wrote

It's not the best. Depending on how things are set up, anyone getting access to your PC can log onto any of the sites that you log into. You are also tied to the browser. e.g. Want to use an iPhone and chrome, tough. There are free options for password managers.


t1_j81v48q wrote

Think if they're saved they go head to saved passwords and click a button to see it in clear text. Might have changed now but I remember doing that on a publicly used computer a few years back


t1_j826yvl wrote

It’s probably not bad and it’s better than nothing, but it’s less portable than a good password manager.


t1_j82eqo9 wrote

It's better than typing them manually. The main point is that all your passwords should be complex and unique. That should help you in 99% of cases.


t1_j88dpai wrote

It's not ideal, but it's common. Best practice is to at least not save your hyper sensitive logins like bank pwds.