Say a “friend” drops over or someone you don’t know needs to use a computer urgently. They ask you for the password to the computer and you oblige by giving it to them. This act could compromised your security.
Many use Chrome for internet browsing. Chrome always offers to save passwords and credit card information to make it easier for you to access that same information later without having to enter it.
If someone uses social engineering to get access to your computer – temporarily or otherwise, all they need to do is go to Chrome, choose the Settings button and then Passwords. All the passwords are listed in this area with an eyeball beside them to view the password. The first time you attempt to view a password the following prompt will appear:
All that needs to be done is to enter the password used to log on to Windows at this computer and all the cached password and information will be visible. Here is an example of a password I exposed on my own account:
The lesson is two fold:
- Cached passwords can be compromised. Consider whether you want to cache these passwords on your computer.
- Do not provide your password to others – ever. Type it in yourself if need be without them looking. In that way, your information will be safer.
For more information on passwords and security, click here.
Charles Bennett is the Principal Consultant at Triella. We are a technology consulting company specializing in providing technology audits, planning advice, project management and other CIO-related services to small and medium-sized firms. Charles can be reached at 647.426.1004. For additional articles, go to our blog page. Triella is a VMware Professional Partner, Microsoft Certified Partner, Citrix Solution Advisor – Silver, Dell Preferred Partner, Authorized Worldox Reseller and a Webroot Reseller.
© 2019 by Triella Corp. All rights reserved. Reproduction with credit is permitted.