skip to Main Content
Google Password Manager

Google password manager: is it as secure as you think?

Keeping your data safe and secure is a priority for any business. Security breaches are increasingly becoming more common, and organisations everywhere have had to step up efforts to beef up security, including extra layers of defence. 

One way to add an extra layer of security is to implement a strong password policy. Weak passwords offer cybercriminals the perfect opportunity to breach your network and access or steal data, by using automated tools to crack weak passwords in seconds, leaving your business wide open to attack.

People tend to use easy-to-guess passwords, such as their pet’s name or favourite football team, which goes against the recommended advice that passwords should be unique and contain a combination of numbers, letters, and special characters. The key to this advice is password length, with security experts suggesting passwords with a minimum of 11 characters combined with special characters are the best choice to prevent malicious actors from breaching your system. 

The problem is remembering these long, complicated, and unique passwords. Employees required to log into different sites or applications can find it next to impossible to remember which password to use, leading to the temptation to use the same one repeatedly. This is where password managers come in. 

What is a password manager?

A password manager is a tool like any other, used to generate complex and unique passwords, as well as store them securely and allow users to easily retrieve them when needed. The manager tool uses algorithms to generate lengthy, complex passwords with a combination of special characters, upper and lower case, numbers, and so on. The generated password is unique and unpredictable, so there is far less risk of it being guessed or cracked. The ability to store and retrieve these complex passwords means users don’t need to remember which password to use for which application or site. 

Passwords managers can be a third party app or plugin or accessed through browser extensions. Some password managers are fully featured and require a subscription, while free password managers, such as Google password manager, are equally as popular, especially as Google is so widely used and known, and used across both iOS and Android devices. But is Google password manager security up to scratch? 

password management

What is Google password manager?

Google password manager is a tool built into Google Chrome, and available as soon as you install Chrome on your devices and register your Google account. Google password manager creates and stores passwords, without needing to pay a fee or install third-party software, which is very user-friendly. The password manager autosaves passwords and syncs across devices you have a Google account on. 

Google password manager also:

  • Generates unique password combinations
  • Autosaves passwords and syncs across devices
  • Auto-detects and fills webforms
  • Checks problematic passwords.

So with all this functionality, how safe is Google password manager?

Is Google password manager safe?

While using Google password manager is better than not using a password manager at all, there are some drawbacks. As browsers are not designed to be full-fledged password managers, they do not provide the most secure way of saving passwords. 

No dedicated encryption 

Google does not provide the same level of security as a fully-featured password manager software because it depends on your computer’s local encryption system to keep this data secure. Your password security is directly tied to your device security with a browser-based password manager. Dedicated password managers require another layer of security such as multi-factor authentication to gain access to password vaults. 

Authentication vulnerabilities

A major security problem is authentication, as anyone who gains access to your browser will have access to all of your accounts without having to provide any verification. Dedicated password managers require you to log in with a separate master password, which automatically locks your passwords after a set timeframe. Malicious actors can also impersonate websites that users frequently visit, and when Google auto-fills the login credentials, these can be stolen, leading to data breaches. 

Poor password generator

One of the more popular features of password managers is the ability to generate complex passwords. Unfortunately, in Google Chrome the passwords generated are not very unique and there is no option to customise them, adding more characters or making them longer. The risk is relying on the password generator to create these passwords will leave your network open to being hacked. 

Securing passwords for your business

It is paramount for any business to have basic protection against fraud and malware attacks. As the risks of accounting hacking rapidly grow, small and medium-sized companies increasingly become a target of such attacks. To protect sensitive customer data and shield private business information from prying eyes, choosing the best password manager should be a priority. Once your data has been compromised, it is extremely difficult to get back client or customer trust again. Fully featured business password managers allow passwords to be shared among groups of users, which is useful for shared accounts or if an employee leaves the business. They are also able to integrate with single sign-on (SSO) solutions, ensuring a comprehensive solution for your business. 

To ensure your organisation has the best of the best when it comes to the first line of defence, talk to the security experts at INTELLIWORX and take the first step to protect your critical business data. 

Shane Maher

We passionately work on the IT Infrastructure of mid-tier businesses and support MSPs into cloud services. I have over 17 years of commercial experience that includes supporting and managing IT systems, developing infrastructure solutions, both onsite & in the cloud.

This Post Has 0 Comments

Leave a Reply

Your email address will not be published.

Back To Top