You sign up at a new website, and, being security-conscious, you use a password creator to give you a nice long, secure password. I use Nordpass to create ours at 16 characters with upper and lower case, numbers, and symbols. Helpfully, your browser throws up a pop-up, offering to save your new login so you won't have to remember that long password. Cool! Or not....
I follow a Facebook user called "Ethical Hacking". Today, a post from them crossed my feed, which highlighted how a simple, easy-to-find tool can be used to hack into your browser-saved passwords. One hack, and ALL your saved credentials are open to view!
What can you do? At the VERY least, you need to stop saving any sensitive credentials in your browser. However, the best option is to STOP using your browser as a password vault. Rather, you really should be using a 3rd-party program such as 1Password, LastPass, or NordPass. You can check out a good list at PCMag's Password Manager reviews for 2026. I'm not going to say which we use, nor do I promote one over another - every person needs to do their own due diligence.
How expensive are they? You should ask, "How expensive is someone getting access to all my passwords?" These managers are generally around the $3-4 per month range, which is crazy cheap for what they do and the security you are buying with them. Honestly, at $10 per month, they're cheap. So, stop relying on your browser to secure your sensitive data, and swap to a dedicated, built-for-one-purpose, password manager.