Yahoo News 
How PCs can 'hand out' your passwords - and how to stop it
A blog post by developer Elliott Kember highlighted the risk this week - and PC users around the world reacted with horror
It sounds like an innocent question - “Do you want Chrome to remember this password?”
Like most of those question boxes that pop up so regularly in Windows, it’s easy to say “Yes” without thinking about it.
If you have, and someone else shares your computer or Windows log in, they can see any passwords you’ve agreed to “save”. The same applies to other browsers such as Firefox.
All a friend or colleague needs to do is go the “passwords” section in the browser, and they can read your passwords in plain text by simply clicking “show”. This box could contain anything from email passwords to Facebook, to any other sites you may have “remembered”.
[Is your TV watching you? New hi-tech hacks target locks, webcams and TVs]
Even more worryingly, you will see no evidence this has happened.
A blog post by developer Elliott Kember highlighted the risk this week - and PC users around the world reacted with horror.
Security expert David Harley of ESET says, “It's a really bad idea to save passwords in Chrome on a machine that can be accessed without authentication (obviously a bad idea in itself), or where an account is shared (also not good practice - especially on business machines - but probably not uncommon on home machines).
“I'd suggest that it's usually better to use some sort of password manager to store your passwords than a browser.”
[Security warning over Google Chrome - if you share your PC, others can see your passwords]
Set up a separate profile for everyone
Your browser will only show off your password if someone is using your computer “as you” - but it can be tempting to use one log-in for convenience. If you do that, your passwords can be accesed by anyone who uses the same log-in. Create separate log-ins for everyone - on Windows, go to Control Panels, Users, then Create a New Account. When the PC is switched on, each user will then log in to their own account.
Use a password app or plugin
Lastpass is a downloadable PC app and browser add-on which remembers passwords for you - it’s very secure, storing passwords online. Other apps such as Securesafe offer a safe place to keep passwords on iPhone and iPad - and the password which locks SecureSafe can’t be reset by email, which means those passwords are secure even if a hacker gets into your email account.
Use a master password if you have to
Chrome doesn’t offer a “master password” - protecting your passwords behind one main password, but Firefox does. Visit this page - https://support.mozilla.org/en-US/kb/use-master-password-protect-stored-logins - and set up yours.
[Google Unveils £22 Web TV Streaming Dongle]
Never allow browsers to remember passwords
Don’t ever say “Yes,” to this question - or do so only for sites where you don’t store personal information or your card details. It’s convenient, but it leaves you at risk.
Clear out any that might be there already
On Chrome and Firefox, even experienced computer users might be surprised at what the site has “remembered for them” - check Settings and Passwords, and switch the function off.
Remember to log out
If you leave your computer on, and don’t log out, you are handing people access to your OS account - ie to anything, including passwords stored in Chrome or Firefox. One in five of us admits to having left their computer without logging out - and one in seven admits to having read a partner’s emails thanks to this lapse.
[The 10 easily guessed PIN codes that will hand your money to thieves]
Don’t stick with the password the IT guy gives you
One in ten people in the UK have guessed a work colleague’s password. Most of the time, people at work want to “guess” your password for innocent reasons - or for pranks. But office politics often means you might not want your boss - or your rival - reading your mail. Got a default password? Change it.
Changing a password? DON’T just add numbers on the end
Sites which demand special characters - “!” - as part of passwords often lead to users adding a special character at the end of a password. This makes it easy for anoyone - a friend, a partner, a cybercriminal - to guess yours, based on what you normally used. David Harley says, “This also applies where the site requires you to change your password periodically but allows you to do so by appending a number. Password cracking 101.”
Don’t share passwords with your family
Half of us have shared passwords with someone else - especially with children. If you’re sharing a WIndows password, this can mean children have access to emails or even banking passwords, which can be problematic. Create profiles for children separate to yours, and help them create their own passwords.
