Yesterday, I saw a suspicious connection on my computer through VNC, I was clearly hacked, I went through all my passwords. And I realized something very problematic with Brave. If someone has physical access to an unlocked computer on the desktop, can they see credit card information without providing an additional password? Am I mistaken? How can I secure this? This is scary!
The password settings don’t differ from Chrome/Chromium. That said, If trying to edit passwords I’ll get the popup;
If any addtional security would come upstream from Chromium
This is correct. Which is why you’re never supposed to leave a device unlocked and should have multiple profiles on your OS for people to use. If it’s a guest, have them using a Guest User rather than your Admin account.
But people will easily be able to autofill your payment and edit payment info as long as you’re logged in. As to passwords, those are hidden behind your OS password. But this means if you are sharing the device and letting people know your password, they can get into it all anyway.
Only let yourself use the admin account or use a specific User on your computer. Make everyone else use a different one. Then no information from yours should be accessible in general. Otherwise, you just wouldn’t want to store payment info into autofill as you know it can be used and seen by others -OR- you would use an extension that is password protected.
You should never, ever store your passwords in the browser. That is cardinal sin #1. I started with web privacy over political targeting, because I must have had great memes back in the day. Now to be clear, I don’t really like what I’m going to tell you, but you could do it. Windows hello, which used to be called hello FACE, does offer a proximity type of lock that will use your phone and “sensors” to lock things on your pc. I use nordpass by the way, and I don’t store my major passwords, they’re written down in code lol. And this will sound rediculous, and big tech hates it, but I also don’t store any credit cards on file, since it’s the companies that provide credit themselves that are the real criminals to watch for.
Nothing is secure anymore after someone got access to your computer. Backup your data, reset your EFI keys, clear your hard drive and reinstall, then change all your passwords. Credit card data is of least concern, since you can always dispute a charge. If you notice any misuse, tell your bank and you’ll get a new number.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.