I keep them in my brain’s password manager. No way would I ever save credit card numbers on a PC or website. Far too many of my passwords have been stolen over the years to fall for that.
Most browsers just keep that crap in a plaintext file. And most of the password manager vulnerabilities, IIRC, have been with their browser extensions.
It’s a good rule of thumb that if you do not pay, as the result of some sort of contract, for the service of security, and you do not own the software or hosting within which you expect something to be secure, then you don’t actually have any security.
The browser could be storing your data in plain text, and making it available to other software or malware on your system (or even on websites you visit, or to scripts which run in ads on websites you visit); the browser could be making it available to their internal tools or external “partners”; the browser could be storing it in the cloud and be subject to a breach for which you will never receive a cent; the browser could be doing everything “right” right now, but change their terms next week and your convenience will turn into a liability.
Host it yourself, as you do with bitwarden, and manage your own security, or pay a company to host it who makes it their business and is therefore legally liable if they screw up.
Okay, I’ll be that guy: Keep em in your password manager.
And don’t save them in your browser. In fact, turn autofill off for your browser altogether.
You can autofill from your password manager, or copy and paste instead.
Usually, security comes at the cost of inconvenience, but in this case it’s actually the opposite.
I keep them in my brain’s password manager. No way would I ever save credit card numbers on a PC or website. Far too many of my passwords have been stolen over the years to fall for that.
Why not in the browser, though? So convenient.
Disclaimer: I keep them in my Bitwarden account. 👍
Most browsers just keep that crap in a plaintext file. And most of the password manager vulnerabilities, IIRC, have been with their browser extensions.
This claim doesn’t really pass the smell check if I’m going to be perfectly honest
Many years ago maybe…
Does Firefox not do that anymore?
Not according to their website.
Well then. 😎🔒
Its probably been that long since i stored a password in a browser tbh.
It’s a good rule of thumb that if you do not pay, as the result of some sort of contract, for the service of security, and you do not own the software or hosting within which you expect something to be secure, then you don’t actually have any security.
The browser could be storing your data in plain text, and making it available to other software or malware on your system (or even on websites you visit, or to scripts which run in ads on websites you visit); the browser could be making it available to their internal tools or external “partners”; the browser could be storing it in the cloud and be subject to a breach for which you will never receive a cent; the browser could be doing everything “right” right now, but change their terms next week and your convenience will turn into a liability.
Host it yourself, as you do with bitwarden, and manage your own security, or pay a company to host it who makes it their business and is therefore legally liable if they screw up.
Crane’s law.
I use the free tier of bitwarden.eu. 🤷♂️ I figure it’s their business to be secure, then it should be secure enough.
Weirdly, that ends up being more your bank’s problem than yours since they almost always comp you for credit card theft.
You’re not wrong, of course, just… society gets along just fine being stupid and irresponsible, lol.