loader image
Close
  • Home
  • About Us
  • Solutions
  • Recent work
  • Catalog
  • News
  • Contact Us
  • 0 - KSh 0.00

    No products in the cart.

  • Home
  • About Us
  • Solutions

    Communication
    & Collaboration

    Enhance teamwork and productivity with our suite of powerful tools

    Forms
    Emails
    QR Codes
    Work Chat
    Newsletter
    Henga Kazi
    Password Manager
    Customer Relationship Manager

    Software
    Development

    Unlock innovation with our custom software built for your success

    Websites
    Managed Hosting
    Web Applications
    Data Visualizations
    Workflow Automations, Integrations & Internal Tooling

    SaaS
    Products

    Grow your business with our intuitive & scalable cloud-based solutions

    Sales & Accounting
    Inventory Management
    Rental Management System
    PesaManager (Coming Soon)

    Design &
    Print

    Elevate your brand with our stunning design and branding services

    Design, Print & Branding
    UI/ UX Design
  • Recent work
  • Catalog
  • News
  • Contact Us
  • Home
  • About Us
  • Solutions

    Communication
    & Collaboration

    Enhance teamwork and productivity with our suite of powerful tools

    Forms
    Emails
    QR Codes
    Work Chat
    Newsletter
    Henga Kazi
    Password Manager
    Customer Relationship Manager

    Software
    Development

    Unlock innovation with our custom software built for your success

    Websites
    Managed Hosting
    Web Applications
    Data Visualizations
    Workflow Automations, Integrations & Internal Tooling

    SaaS
    Products

    Grow your business with our intuitive & scalable cloud-based solutions

    Sales & Accounting
    Inventory Management
    Rental Management System
    PesaManager (Coming Soon)

    Design &
    Print

    Elevate your brand with our stunning design and branding services

    Design, Print & Branding
    UI/ UX Design
  • Recent work
  • Catalog
  • News
  • Contact Us
Digital safety  ·  Security

We store all our passwords in our browser, so what’s the problem?

Kenneth Mbuthia
August 16, 2025

If this sounds like you, then this article is for you. I’ll explore what drawbacks exist with storing passwords in a browser as well as more secure alternatives you can use to protect your data online. Speaking of protecting your data, I’ll also touch on why this is so important and try to explain everything with practical examples that showcase the real-world impact of lax security on you as a person or business.

Data breaches: A recap

At some point as you browse for news online or through your preferred platform for accessing information on worldy affairs, you have probably come across stories that discuss how private, public and even governmental organizations get hacked and their data stolen. You may also have seen happen to famous individuals, most commonly with their social media accounts. This is an ongoing problem that exists at the time of writing this and will likely continue to exist long after the date this is published.

Just to further drive the point home, here is a recap of some of the more recent severe data breaches that have taken place in the past few years:

Yahoo (2013–2016, disclosed later)
3 billion accounts affected. Russian hackers stole user data over three years, but Yahoo delayed disclosure, leading to a $35 million fine.
Facebook (2021)
530 million users exposed
A vulnerability in Facebook’s contact-syncing tool allowed hackers to scrape phone numbers and account details, later leaked publicly.
Default Passwords in Crosswalks Exploited – 2025
Researchers revealed that crosswalk systems are often left with default credentials (e.g., “123456”), making them easy targets. A YouTube tutorial demonstrated how to alter audio messages via a simple app.
McDonald’s AI Chatbot Breach (2025)
Affected 64 million job applicants. A weak password (“123456”) exposed personal data of applicants via McDonald’s recruitment chatbot.
Marks & Spencer (M&S) Ransomware Attack – April 2025
Customer data exposed; £300M market loss. A ransomware attack disrupted online orders and contactless payments. While payment details were spared, M&S faced severe operational delays and reputational damage.
The Co-operative Group – April 2025
Member data (names, contact info) stolen. Attackers breached IT systems, causing store disruptions. The Co-op shut down systems preemptively, avoiding ransomware deployment but faced empty shelves and member distrust.

How does this happen and what’s the impact?

Successful hacking attempts take a variety of approaches and as you can see from some of the example stories above, using default or unsecure passwords even today is still a common reason why this happens to even the largest organizations. Data stolen from such data breaches impacts not just the organizations with bad press that leads to loss of customer trust and eventually loss of revenue, but also you as the customer because:

  1. Your personal contact information can now be used to spam you.
  2. People with your contact info can also try to reach out directly to you to con you.
  3. Your personal contact info can also be used to impersonate you in applications or subscriptions.
  4. Profile photos as well as other images and media of you can be used to generate explicit content.

So let’s talk about how you as an individual or organization can protect yourself better from data theft.

What are password managers?

For individuals

While it’s true that a data breach taking place due to poor or improper security from a company you have entrusted your data to can be outside your control, many organizations today are empowering you as the customer to protect your account information. It is therefore very important to take a moment to familiarize yourself with best practices that revolve around account security. The ones I’ll cover are:

  1. Strong passwords
  2. Multi-factor authentication

Over the years, the drum of “create strong passwords” has been beat over and over, yet some of the data breaches mentioned above are a direct result of ignoring this advice. I’m therefore here to beat this drum as well in hopes that if enough of us shout from the rooftops, data theft caused by weak passwords just might become history.

In addition to strong passwords, it’s not only crucial but an industry standard to have an additional way to authenticate yourself before accessing an account. This could take the form of OTPs (One Time Passwords) sent to your email or phone, authenticator apps, biometrics or even physical devices. This second layer of security makes it harder for hackers to access your account and steal your data, so why not take an extra minute or two to set it up?

For teams and companies

Teams and companies need to know everything highlighted in the individuals section above…so the focus here will be about access control and password sharing.

As the owner or manager in your team or organization, how do you share passwords? Is just written down on a sticky note or sent in plain text as a chat message? If that shared password needs to be reset, how is the new password shared? How is a password rotated (changed) once someone leaves the team/company? Do you even know who has the passwords to what?

If any of the above questions are difficult for you to answer, then you absolutely need a password manager because simply put, these are the exact problems and challenges it resolves. Password storage in browsers may evolve in the future to support these use cases, but as of today they still fall very far from addressing the questions raised above. Let’s break this down point by point.

Password manager benefits (vs browser)

Browser password managers have made strides to improve their security over time, but as hinted above, they have a number of shortcomings that at the time of writing, include:

  1. 2FA support: most browsers do not support generating or configuring “authenticator app style” passwords to give you a second way to authenticate yourself when accessing your account.
  2. Syncing across devices: while some browsers like Chrome allow you to create profiles linked to your email, using this feature to sync passwords across computers can be very dangerous and work against you. A simple example is needing to access that profile from a device that does not belong to you e.g. a friends computer or a cyber cafe. All your passwords would instantly get stored onto that device with the potential to be left there if you forget to sign out or if the device has malicious software that will grab those passwords once they are retrieved. Passwords should only be accessible by you on devices you trust, therefore, logging into a browser that should be usable on any device should not be the reason your accounts and data get compromised.
  3. Password sharing: for teams and companies, browser password storage will not help you securely share a password with a colleague. A password manager on the other hand, will not only do this but also help you keep track of who has access to what, as well as allow you to easily revoke access and change the password of any account should the need to do so arise.

For businesses: Other ways to protect your data

While I’m focusing on best practices around password management, it is worth noting that this is just one tool in the security kit that organizations should have to protect both their own data as well as their customers data.

There are plethora of other tools and best practices that businesses of all sizes should follow to avoid becoming a part of the data breach news cycle and to name just a few of them:

  1. Data encryption: ensuring your data is encrypted at rest in addition to in transit (with SSL) is crucial to have in place. The evolution of quantum computing that is capable of breaking most conventional encryption standards should not be a reason to forego this altogether simply because encryption algorithms are catching up and “quantum-safe” encryption options are now available to make use of to protect your data.
  2. Firewall security: filtering out malicious traffic from accessing any of your platforms is no longer a luxury with the advent of AI agents and hacking tools that leverage AI to make it that much easier for a hacker to now just prompt their way into your private data. Firewalls help prevent bots from accessing your data as well as block malicious requests containing harmful strings or code, among many many other things.
  3. Malware scanning: documents containing viruses is a very common way to hack into systems and is still used with great success to this day. Companies that don’t invest in malware scanning in various scenarios such as document uploads, email attachments and/or suspicious links are exposing themselves to significant risk.

Conclusion

Investing in a password manager to protect your online accounts is a crucial and essential tool to have for both individuals and businesses. While it certainly is not a silver bullet that solves all problems related to protecting your data, it certainly makes it that much harder for malicious actors to access your precious information.

Check out the password manager solution we provide in the link here or for teams and companies looking to improve their overall security, checkout our managed hosting service linked here.


Leave A Reply Cancel reply

Your email address will not be published. Required fields are marked *

*

*

fourteen − six =

From Hustle to Structure: Choosing the Right Tools for Your Business Stage
Previous Article

  • Ikigai Lower Kabete,
    107 Lower Kabete Road
  • P.O. Box 1093-00606
    Nairobi, Kenya
  • hello[@]henga.co
  • +254 738 000 600
© Copyright HENGA 2014-2025
Facebook-f X-twitter Linkedin Instagram

Company

Home
About Us
Our services
Solutions
Recent work
Contact Us

Legal

Terms of Use
Privacy Policy
Anti Corruption Policy
Customer Service Policy
Business Continuity Plan

Downloads

Solutions Catalog
Software Portfolio
Design Portfolio
We are Henga (Video)

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Read More

Decline Cookie Settings
Accept
Powered by WP Cookie consent
Cookies are small text files that can be used by websites to make a user's experience more efficient. The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies we need your permission. This site uses different types of cookies. Some cookies are placed by third party services that appear on our pages.
  • Necessary
    Always Active
    Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
    Name Domain Purpose Expiry Type
    PHPSESSID henga.co PHP generic session cookie. 55 years HTTP
    wpl_user_preference henga.co WP GDPR Cookie Consent Preferences. 1 year HTTP

  • Marketing
    Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.

  • Analytics
    Analytics cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.
    Name Domain Purpose Expiry Type
    _ga henga.co Google Universal Analytics long-time unique user tracking identifier. 2 years HTTP
    sbjs_migrations henga.co Sourcebuster tracking cookie 55 years HTTP
    sbjs_current_add henga.co Sourcebuster tracking cookie 55 years HTTP
    sbjs_first_add henga.co Sourcebuster tracking cookie 55 years HTTP
    sbjs_current henga.co Sourcebuster tracking cookie 55 years HTTP
    sbjs_first henga.co Sourcebuster tracking cookie 55 years HTTP
    sbjs_udata henga.co Sourcebuster tracking cookie 55 years HTTP
    sbjs_session henga.co SourceBuster Tracking session Session HTTP

  • Preferences
    Preference cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in.

  • Unclassified
    Unclassified cookies are cookies that we are in the process of classifying, together with the providers of individual cookies.
    Name Domain Purpose Expiry Type
    _ga_8CZTN4K80J henga.co --- 2 years ---

Powered by WP Cookie consent
Cookie Settings
0
YOUR CART
  • No products in the cart.
Subtotal:
KSh 0.00
CHECKOUT