• Your IP: 44.201.94.72 (VA, United States)
  • Your ISP: Amazon.com
  • Your Status: Unprotected
  • Get Protected

December 20, 2021

Privacy Tip of the Week: Turn Off Autofill

Posted by

Autofill technology is ubiquitous online; chances are, you’ve used it many times in the past. It allows a website to pre-fill a response field on behalf of the user. Like with most modern technology, autofill has evolved to make our lives more convenient. Gone are the days of having to remember your password for every website; autofill technology can simply fill your password in for you. Likewise, many ecommerce websites are able to automatically fill out details like your shipping address, saving you precious time in the checkout process.

Unfortunately, many online conveniences come at the expense of your digital privacy and safety. Autofill is no different. In order for it to work, your data is saved online and can possibly be accessed by people who aren’t you. There are several ways using autofill can put you at risk. Here’s what you should know:

  • What is autofill?
  • How do we use it?
  • Why is it dangerous?
  • Are there alternatives?

What is Autofill?

Autofill is a function that some types of software are able to fulfill on behalf of a user, often without the user specifically prompting it. More specifically, it automatically inputs saved data into online forms or spreadsheets. These forms may include things like credential fields, address fields, or even billing information fields. In other words, autofill may automatically plug your password, address, or credit card information into a website for you to navigate that site more easily.

Its main purpose is to make browsing websites easier. Checkout processes become faster when we don’t have to input our address every time. Logging into websites is more convenient when we don’t have to remember our password for it every time.

How Do We Use It?

Autofill is specifically designed to require as little user interaction as possible. It wouldn’t be helpful if it required just as much effort as filling out online forms manually. Therefore, the actual work done by the end user is minimal.

In many cases, autofill is a feature built into a web browser. It may be turned on by default, or prompt a user to turn it on. When on, the browser automatically collects a user’s information when they input it into a form for the first time. For example, if you sign up for an account on TikTok in the Chrome browser, Chrome will ask if you’d like to save the username and password. If you allow it to save the data, it can autofill it every time you visit TikTok.

There are also extensions and apps users can install to autofill login extensions. A password management app like LastPass is able to save your passwords and autofill them on the correct websites.

In addition to inputting login information, autofill is also often used to fill out response forms which require your personal information. For example, most ecommerce websites require your address, email, and phone number when purchasing a product. Instead of typing these things manually, the website may offer autofill, which allows the data saved in your browser to be inputted into the correct response fields. Shipping details aren’t the only things that may be filled in this way; a website may even be able to autofill your credit card information.

Why is Autofill Dangerous?

In general, it’s always a bad idea to allow your personal information to be saved online. If the websites and browsers that save it don’t protect it properly, it could fall into the wrong hands. Cyberattacks are an increasingly serious threat, with the rate of attacks more than doubling in the first half of 2021 alone when compared to all of 2020. Of course, if you want to use the internet, you have to leave data behind somewhere. But by allowing autofill software to store your data, you’re creating an extra and unnecessary breach opportunity.

Here’s how a cybercriminal may be able to use the data saved on autofill databases:

  • Hidden forms
  • Password access
  • Data breaches
  • Invisible sharing

Hidden Forms

One way attackers are able to steal information online is by creating websites or forms on websites that serve no purpose other than to steal your information. If you accidentally use those forms, autofill will add your details immediately and those attackers will then have access to your data, even if you close the browser without clicking submit.

Password Access

If your phone or laptop is stolen, or your browser has been compromised, your login credentials may be at risk. For example, if you have your bank account login saved on your phone, anyone who steals or accesses your phone can easily login to your account with no effort at all.

Data Breaches

Data breaches are another reason you should never use autofill. Enabling autofill increases the likelihood that attackers can steal your information in the event of a data breach. If browsers don’t store your login credentials in the first place, there’s nothing to steal down the road.

Invisible Sharing

In 2017, a Finnish developer named Viljami Kuosmanen showed that several browsers may fall victim to a clever phishing attack in which they invisibly share your autofill information with a website, even if that website doesn’t need all of your information. For example, if you want to sign up for a new website, that site might only ask for your name and email address. However, secret input fields trick autofill into giving away more information than you can see. This doesn’t happen on every website, but it is worth keeping in mind.

Are There Alternatives?

Autofill may be convenient but it’s also risky. It creates yet another opportunity for data theft or misuse. Unfortunately, it’s also the industry standard for inputting user information into a website quickly. At the moment, a few alternatives are being researched, including using biometric information to verify you are the user whose information is being accessed, and two-factor authentication keys that may be able to autofill information from an offline source.

However, these types of technology are largely in the development stage and are not yet widely implemented. Until they are, the safest way to protect yourself from the risks of autofill is to avoid autofill altogether.


To stay safe, turn autofill off and take the extra 30 seconds to fill in your own information.

Protect your privacy even further by browsing the internet with HotBot VPN.

Posted by

More Blog Posts

Privacy Tip of the Week: Buy a New Router

June 11, 2022

Privacy Tip of the Week: Buy a New Router

If you’re using wi-fi to read this article, it was probably made possible by a router. A router takes a wired internet connection – such as may be provided to a computer via an ethernet cable – and makes it available wirelessly. This allows devices like phones, tablets, laptops, and smart devices like home assistants, […] Read more
6 Expert Tips to Avoid Getting Hacked in the Year 2019

May 25, 2022

Expert Tips to Avoid Getting Hacked in the Year 2022

By October 2021, more hacks had already occurred than had taken place in the entirety of the year before. As fast as software is developed to protect user data, software is developed to breach it. Hacks take place approximately every 39 seconds and an estimated one in three Americans will be affected by a major […] Read more
Password Manager Header

May 15, 2022

Privacy Tip of the Week: Use a Password Manager

Passwords are the gatekeepers of our lives. They protect our devices, social media, and other personal information from prying eyes. However, with so many different accounts requiring passwords, it can be a hassle to remember them all (if not an impossibility). Because of that, many people choose to use the same password for everything, which […] Read more

Grab the limited deal now!

Our best price ever! Get HotBot VPN for 66% off today. Our app can be used on up to 6 devices at a time, doesn't limit speeds, and increases security and freedom when using the internet.

{{ localCurrencyFn }}
1 Year Plan
{{ plans[1].currency }}

{{ trialPriceNumeric(1) }}

/mo

Save 66%

{{ plans[1].oldPrice }} {{ plans[1].formatPrice }}

Billed every year.

6 Month Plan
{{ plans[0].currency }}

{{ trialPriceNumeric(0) }}

/mo

Save 20%

{{ plans[0].oldPrice }} {{ plans[0].formatPrice }}

Billed every six months.

1 Month Plan
{{ plans[2].currency }}

{{ trialPriceNumeric(2) }}

/mo

{{ plans[2].monthPrice }}

Billed every month.

Get the HotBot VPN Mobile App.

Download our apps for iOS and Android