Unsolved
10 Elder
•
43.6K Posts
0
192
Spell checkers leaking personal data
Otto-js Research Team found that Chrome's enhanced spellcheck & Edge's MS Editor are sending data entered into form fields like username, email, DOB, SSN, basically anything in these fields, from these browsers when this feature is enabled.
Furthermore, if you click on "show password," the enhanced spellcheckers even send your password, essentially Spell-Jacking your data.
Of 30 websites tested, 96.7% sent data with Personally Identifiable Information (PII) to Google or Microsoft. 73% sent passwords when "show password" was clicked; the ones that didn't reveal the password just didn't have a "show password" option.
Read more, including how to disable these features in your browser(s). And probably just avoid "show password" options on all sites too.