Chat support available. Click the chat icon on the bottom right corner to start chatting with us right away!

mSecure Support

Knowledge Base Forums Submit a ticket
Answered

Is it more secure to NOT use the mSecure chrome extension?

I currently have all of my sensitive passwords stored in mSecure. Chrome Password Manager and iCloud Keychain have a bunch of not so sensitive passwords and maybe a few sensitive passwords as well, I should take a look at that.


Anyway, as I reevaluate how I want to store my passwords I am considering deleting all of my usernames/passwords from Chrome/Keychain and only using the mSecure Chrome/Safari extension instead (I'm on Mac, I know Windows support for this is coming in mSecure 6.2). 


But it got me wondering, is there risk of exposing all of my passwords if I add mSecure extension to my browser?  Would it be more secure to never install it at all?  I want to make sure what I have in mSecure is lock-tight, so if continuing to do what I am doing and straddling both Chrome/Keychain and mSecure as a stand along app on my devices is best then I am willing to do that.


Thank you for your insights!

Answer

Hi Harrison,

For the Chrome mSecure Browser Extension, you're sensitive data is never "handed over" to the browser or any other system outside of mSecure. The way it works is that any data requested by the extension is first decrypted by the mSecure app running locally on your computer, and after it's decrypted, that data is sent to the extension, not the Chrome Browser, so that it can be injected (auto-filled) into the fields that are currently getting displayed on the webpage you're viewing. After the data is injected into the fields, it's then deleted from the extension's memory. It is not stored in cookies or any type of Web Browser data storage mechanism.


Every time you click into a field in the browser, the Extension analyzes the page to see if it's a page needing credentials that may be stored in mSecure. If it sees that it is, at that very moment it sends a message to the app running locally on the computer to get any data that may be pertinent to that website. To be clear, the mSecure Extension NEVER communicates directly with the mSecure Cloud, and this is one of the reasons you never have to worry about data security when using it. All of the functionality takes place locally on the device.

That is great information and makes me feel better about using it.  Thank you for sharing!

No problem at all Harrison! Let me know if you have any other questions about the Browser Extension or mSecure in general.


Login or Signup to post a comment