Beware! Your browsers may be leaking passwords; delete spell check now
For those of us who are constantly typing on our laptops, spell checking is an absolute must. Whether it is essays for college or important work emails, typographical errors, commonly known as typos are a disaster which could strike you even in the best of times. To counter this, most people simply install spell check extensions on their browsers which alerts them to errors and automatically corrects the mistakes. However, a recent report has revealed that spell check extensions might not be safe.
Walter Hoehn, otto-js VP of Engineering said in the blog, “"One of the most interesting things about this type of exposure is that it's caused by the unintended interaction between two features that are, in isolation, both beneficial to users. The enhanced spell checking features in Chrome and Edge offer a significant upgrade over the default dictionary-based methods."
“Likewise, websites that provide the option of displaying passwords in cleartext are more usable, especially for those with disabilities. It's when they are used together that the actual password exposure happens,” Josh Summit, CTO and founder of the firm said.
Do this immediately
However, there is a relief from this issue. Unless you have manually enabled the spell check feature on your browser, it is usually turned off, meaning you're still safe from this leak. Furthermore, even if you have this feature enabled on your browser, you can turn it off by simply removing the extension. If you have enabled the native spell check feature present on Google Chrome or Microsoft Edge, you can turn it off from the settings.