Skip to main content

Can Credentials Saved on Google Password Manager Be Hacked?

Alessio has an experience as a Google Product Expert and as a bug hunter, having reported security vulnerabilities to Google and Apple.

When using online services protected by login credentials, one of the most basic safety rules is choosing different passwords for each website you register with. This prevents the risk of finding all accounts violated in case someone manages to find your password. While most websites tend to encrypt passwords in their database, others still save them in plain text and are more subject to the risk of violation. Malicious users who manage to hack databases of these poorly secured websites and get login data commonly try the same ones in other online services. This is why it is always a good idea to choose different passwords for each account you own.

Safety is both critical online and offline. One of the best ways to stay safe online against account violations is to use different passwords for each account.

Safety is both critical online and offline. One of the best ways to stay safe online against account violations is to use different passwords for each account.

Managing So Many Passwords Is Complicated

An inconvenience of managing multiple passwords is that it may become challenging to remember all of them unless very weak passwords are used. Some people write them on paper or on a document to be kept on the PC, yet, these practices are not risk-free: they can get lost or even compromised easily. Luckily, technology comes to our aid.

Password Managers Make It Simple to Store Login Credentials

Password managers have been invented to solve all the inconveniences caused by dealing with several login credentials. These act as encrypted vaults with tables containing all our usernames and passwords. The first password managers are databases, accessible through a master password or a key file, meant to be saved on our PC. In addition, we have the most recent solutions that are fully hosted on the cloud so that they can be accessed from any device. These also reduce the risk of losing all the passwords if the PC breaks and no proper backup has been done initially.

How Do Online Password Managers Work

Online password managers are encrypted and accessible through a master login. They are the cloud evolution of the traditional databases meant to be stored locally. There are specific services offered by companies specialized in password storage solutions, then those integrated within browsers. The first ones are generally richer in features. The latter ones are more comfortable to use for people who are already into a specific ecosystem and would like to have also their passwords saved on it. An example of a specialized cloud password manager is LastPass, a freemium service powered by LogMeIn. Examples of browser-integrated password managers are those of Google, Microsoft, and Apple.

How Does Google Password Manager Work?

Google Password Manager is already integrated with the same account used for Gmail and other services. If we are already loyal to the Google ecosystem, we can enjoy having even our passwords stored there. These passwords will then sync across all the devices we use with the Google Chrome browser.

Google Password Manager is a safe and convenient tool to store our login credentials in the cloud. It also allows checking of eventual security issues. Google and the Google logo are trademarks of Google LLC.

Google Password Manager is a safe and convenient tool to store our login credentials in the cloud. It also allows checking of eventual security issues. Google and the Google logo are trademarks of Google LLC.

Scroll to Continue

How Secure Is the Google Password Manager?

This is the final question one would ask: how safe is it to store our passwords in our Google Accounts? Google is safe enough to consider low-risk the likelihood of having our login data leaked due to an attack. Google services are critical, so engineers behind them put their best effort into keeping them safe at all times. Of course, no system is 100% secure, yet, storing passwords on a Google Account is a great idea to balance security and convenience. There are only two factors to consider before thinking our passwords are safe just because they are stored on Google servers:

  • Login credentials are locally synced with your devices. This means that eventual malware can leak them. Encrypting PC hard drives, updating anti-malware software regularly, and avoiding jailbreak of our mobile devices ensure the safety of our passwords while they sync locally. Of course, these are relative concerns if the only synced device is a non-jailbroken iPhone updated to the last version of iOS, yet, any password stored locally can be easily compromised if there is no attention to the security of the device;
  • Google Account should always be protected with a strong password and two-step verification. Failing to adequately protect an account will always put our passwords at risk, even if they are stored in some of the safest web servers in the world.

This article is accurate and true to the best of the author’s knowledge. Content is for informational or entertainment purposes only and does not substitute for personal counsel or professional advice in business, financial, legal, or technical matters.

© 2022 Alessio Ganci

Related Articles