Autocomplete Function Exposes Private Data on Browsers
Although the autocomplete feature helps you not to have to remember passwords, it can also help others … to remember your passwords.
Finnish hacker Viljami Kuosmanen has discovered that the private information contained in hidden text boxes can be retrieved in Chrome, Safari, Opera and other browsers with the simple autocomplete trick.
The autocomplete function is designed to avoid having to repeatedly type the same information as name or email address and save time.
The system not only keeps the information of the visible text boxes, but also of those in which the characters have been hidden.
The second time you access a page where you have to complete the same information, the autocomplete system retrieves not only the public data but also sensitive information such as credit card number, home address or phone number.
Also, in the Chrome browser, the autocomplete function is enabled by default.
The only browser that has apparently been proven to be immune to this problem is Mozilla Firefox, since it does not have an autocompletion system for more than one frame at a time.
In order for the characters to be auto-completed you need to enter at least three characters.
If you want to protect your data you can try using Mozilla Firefox or disable autocomplete mode in other browsers, although it is preferable not to use this feature at all on any browser as it may be a matter of time for other hackers to find a way to obtained the autocomplete information from Firefox as well.
What you should do immediately is to disable the autocomplete function on your browser.
On Chrome go to the settings menu and open the advanced options. Uncheck the box “Enable Autocomplete to fill web forms with a single click”.
On Safari, open the preferences menu and once there click on Autofill. After, uncheck all of the autocomplete options.