Google, Microsoft can get your passwords via web browser's spellcheck

[Corrine]

From Bleeping Compute at Google, Microsoft can get your passwords via web browser's spellcheck:

QuoteExtended spellcheck features in Google Chrome and Microsoft Edge web browsers transmit form data, including personally identifiable information (PII) and in some cases, passwords, to Google and Microsoft respectively.

While this may be a known and intended feature of these web browsers, it does raise concerns about what happens to the data after transmission and how safe the practice might be, particularly when it comes to password fields.

Both Chrome and Edge ship with basic spellcheckers enabled. But, features like Chrome's Enhanced Spellcheck or Microsoft Editor when manually enabled by the user, exhibit this potential privacy risk.

See the referenced article for additional information.

 

[Gary R]

The mind boggles.