On a business trip that I took in 2017, I needed to print out a document, so I headed down the to the hotel lobby and asked the lady at the desk to direct me to where I could use a printer to print out some documents. She directed me to the business center that was located around the corner. I needed to check my Gmail, so I opened Chrome and was directed to the landing page where someone previously had logged in. It showed a person’s name and their iCloud email address. I used the link to choose another user and signed into my Gmail account. I printed my documents and then signed out of Chrome, but curiosity got the best of me. I Googled the iCloud account which the first hit was a Facebook profile. I click the link and I was directed to Facebook’s homepage and the username and password was automatically populated. I clicked sign in just to verify the credential’s and was immediately logged. Since this was an iCloud account, I went to the iCloud homepage and the same thing, the username and password was auto-filled and the credentials were still valid. Of course, I did nothing malicious, so I closed both tabs. Again, being Chrome I went to Chrome’s password settings page. Here, I found dozens upon dozens of stored usernames and passwords. In order to see these stored passwords, you need the Windows password of the current login. This password was conveniently taped to the computer monitor and I was able to verify it worked, by showing one of the stored Chrome passwords. Again, I did nothing malicious but verify the weakness and dangers of the Chrome browser remembering your credential’s and not signing out of websites when you are done conducting your business on a public computer.
Here are some suggestions If you don’t have to use a public computer:
Don't save your login information.
Don't leave the computer unattended with sensitive information on the screen.
Erase your tracks.
Disable, of don’t use, the feature that stores passwords.
Delete your temporary Internet files and your history.
Watch out for over-the-shoulder snoops.
Don't enter sensitive information into a public computer.
Comments