/tags/go-lang/ Recent content in Go-Lang on Vanilla InfoSec Hugo -- gohugo.io en Sun, 01 Mar 2026 00:00:00 +0000 /posts/belphc2---dumping-passwords-out-of-web-browsers/ Sun, 01 Mar 2026 00:00:00 +0000 /posts/belphc2---dumping-passwords-out-of-web-browsers/ Save password..? Yes It feels like web browsers have accidentally become credential vaults? Mainly because… Well we typically hit “save password” when prompted: Admittedly, without much prior thought! Credentials for: Email accounts. Banking logins. Corporate VPN credentials. Cloud dashboards. Developer secrets. Session tokens. But there’s an important detail here in regards to how these browsers secure credentials in default configurations: Browser password managers are often designed to protect data at rest, not necessarily protect data from the logged-in user context itself.