Google Chrome users should make sure they don't save important passwords in the internet browser, as it's been revealed these are stored with little security, so anyone using your computer could access your online accounts.

Browsers often give you the option to save usernames and passwords, so next time you visit a particular website, information is automatically inputted without you having to remember it (see our ID Fraud guide for tips on protecting your information).

But if you use Chrome to remember online passwords for personal banking, email and social media accounts, and shopping websites such as Amazon, then anyone using your computer can easily gain access to these, as there's no "master password" protecting this information.

The flaw means if you leave your computer idle, whether at work or on a public terminal, anyone who knows how to can gain access to your passwords and potentially use these to start spending your cash.

Other browsers, including Internet Explorer and Firefox, also store passwords. But these give users the option of either having a "master password" to access saved passwords, or require extra software to be downloaded to reveal passwords.

The issue was revealed by software developer Elliott Kember on his blog. tested it, and found it to be true.

Adam Cable, senior software developer at, says: "While letting your browser store your passwords is, in a way, a sensible thing to do, it's surprising Chrome exposes those passwords.

"It's been best practice for years now to not expose this information within software. If you use Chrome, you shouldn't leave your computer unlocked for anyone to use."

Martin Lewis
Get Our Free Money Tips Email!

I'm a victim of fraud. Can I get my money back?

Financial Fraud Action UK says your bank will have to prove you were "negligent" to not reimburse you if your account was fraudulently used.

While it is unlikely leaving your computer available would generally qualify as being negligent, banks look at each case individually, so it's better to be safe than to be sorry.

A spokesman for Financial Fraud Action UK says: "Victims of fraud can expect to receive full protection against losses.

"Banks will consider each potential fraud incident on a case by case basis, and 98% of fraud claims are fully refunded. Our advice is to keep your banking passwords and PINs safe."

Protect yourself

Storing passwords and usernames on Chrome is optional, and you choose which ones you want the browser to remember. You can also delete saved passwords at any time.

If you use Chrome to save passwords, urges you to either make sure you lock your computer if you're stepping away from it, or consider deleting any passwords stored on the browser and not using that facility at all.

You should also try to change passwords regularly, and ensure they are complex enough so they're difficult to guess. It's also wise to use different passwords for different accounts.

Google wouldn't comment on the issue, but says its tool to remember passwords and usernames was built to be "useful" and "isn't" a flaw.

On Our Forums

Online passwords