Posted on Thursday January 31, 2019
Advertisements and suggestions based on our internet browsing habits are sources of online tracking. However, autocomplete passwords are also another source of online tracking. This sneaky tactic comes with serious security risks. Here's how you can stop it from targeting you.As of December 2018, there are 4.1 billion internet users in the world. This means users have to create dozens of passwords, either to protect their account or simply to meet the password-creation requirements of the platform they're using. Unfortunately, only 20% of US internet users have different passwords for their multiple online accounts. Certain web browsers have integrated a mechanism that enables usernames and passwords to be automatically entered into a web form. On the other hand, password manager applications have made it easy to access login credentials. But these aren't completely safe. Tricking a browser or password manager into giving up this saved information is incredibly simple. All a hacker needs to do is place an invisible form on a compromised webpage to collect users' login information.
For over a decade, there's been a password security tug-of-war between hackers and cybersecurity professionals. Little do many people know that shrewd digital marketers also use password auto-fill to track user activity.
Digital marketing groups AdThink and OnAudience have been placing these invisible login forms on websites to track the sites that users visit. They've made no attempts to steal passwords, but security professionals said it wouldn't have been hard for them to do. AdThink and OnAudience simply tracked people based on the usernames in hidden auto-fill forms and sold the information they gathered to advertisers.
A quick and effective way to improve your account security is to turn off auto-fill in your web browser. Here's how to do it: