Your Browser’s Spell Check Feature Could Risk Personal Data; How to Stay Safe


Web browsers such as Google Chrome are loaded with useful features and extensions such as ad blockers and spell checkers. The enhanced spell check feature on Chrome and Microsoft Edge can be enabled to check whatever you type in the browser and make sure it is free from grammatical errors and typos. Such software or extensions will send whatever you type to the browser's servers and run the same through advanced grammar and style algorithms.

Your Browser’s Spell Check Feature Could Risk Personal Data

That said, it is clear that you should not enable the same when you are concerned about data security. An investigation has confirmed the same. Under some circumstances, sensitive information such as your usernames and passwords could be sent to the browser's spell-checking servers during login processes.

Your Browser's Spell Check Feature Could Be Risky

As per an investigation by otto-js, reported by Bleeping Computer, the passwords you type into login masks when the extra spell check functionality is enabled in your browser's settings, the input will be transmitted to the company's servers. Based on the site you visit, this form data could include your Social Security number, address, name, email, contact information, date of birth, bank and payment details, among other personal information.

Josh Summit, the co-founder and CTO of JavaScript security firm otto-js recently discovered that personal details and passwords are sent back to Google and Microsoft while using Enhanced spell check or Microsoft Editor. While testing his company's script behavior, he found that anything entered into a site's form fields is sent to the servers of Google or Microsoft while using the respective browser with this feature enabled.

Making matter worse, when you click on 'show password' on a site, the enhanced spell check will also send the password back to the company whose browser you are using. While the show password feature is useful, when you think you have misspelled the password, there is a risk that wasn't discovered until now.


How to Stay Safe?

If you are worried about your personal information or passwords falling in the wrong hands due to this issue, you should make sure to turn off the enhanced spell check feature in your browser while logging into websites and services that are critical. There will be an option in your browser's settings to disable the enhanced spell check feature. You just have to click on it and disable the feature when you are typing sensitive information on the browser.

Best Mobiles in India

Read More About: browsers news internet

Best Phones

Get Instant News Updates
Notification Settings X
Time Settings
Clear Notification X
Do you want to clear all the notifications from your inbox?
Yes No
Settings X