Enhanced Spell Checker in Chrome and Edge Saves Everything You Type, Even Passwords
Google Chrome and Microsoft Edge come with advanced spell checking tools: but because they are advanced (they help you with more than just spell checking), all grammar and language suggestion processing happens on their servers. According to Otto ‘s research, these services transmit basically everything you write in plain text to Google or Microsoft servers, including passwords that are revealed when you click the “Show password” button, as shown in this video :
Of course, we are talking about Google and Microsoft. These are large companies that take privacy seriously and have no interest in having your Dropbox account hacked. However, this is still a glaring omission and bad for user privacy. According to the same Otto report, password managers like LastPass have already released a fix, but it doesn’t solve the browser’s problem.
Thankfully, these features aren’t enabled by default, so if you’re using your browser as is, you should be safe. However, if you are using Chrome’s Advanced Spell Checking feature or the Microsoft Editor in Edge, you need to disable them immediately.
In Chrome, enter the following text in the URL bar to be in the right place: chrome://settings/?search=Enhanced+Spell+Check.
Then turn off the ” Advanced Spell Checker ” feature.
In Microsoft Edge, Microsoft Editor works as a . Click the “Extensions” icon in the toolbar and navigate to the ” Manage Extensions ” section. Find the Microsoft Editor extension and click Uninstall. In the pop-up window, click ” Delete ” again.
Until Microsoft and Google update their products with a base level of text encryption technology, we recommend that you stay away from these advanced spelling or grammar checking tools. If you really need help writing, we suggest you use Grammarly’s web editor or Hemmingway Editor .
[ Otto via BleepingComputer ]