Web Trackers Exploit Browser Login Managers
Another day, another online hack, or so it seems. Whether it’s the Yahoo! password grab, or the Equifax data breach, we know that we need to secure our passwords online. Just when you thought you had done everything to be save online, we now learn of one more way your data is not safe. A new study has shown that advertisers and shopping sites can steal information from users even when users do not log into sites.
Princeton privacy experts are warning that advertising and analytics firms can secretly extract site usernames from browsers using hidden login fields and tie non-authenticated users visiting a site with their profiles or emails on that domain.
Forbes agrees that autofill is not just a security vulnerability but also a privacy threat. Most web browsers offer us the “convenience” of autofilling forms, including the ability to log into websites that we visit and use frequently. As you can see, that convenience may come with a price. This practice of stealing data is illegal in the EU, why not here in the US as well?
For even more in-depth information about how all this works, this article will give you lots of background information.
The easiest and most effective way to avoid all this is to turn off autofill. But, why should the consumer have to? Here’s hoping 2018 will bring some legislative sanity over these exploits.