Spell-checking features raise concerns about what happens to data during transmission and how safe it might be to use this feature. Although the functions are already integrated with the browser, If the advanced mode of the same is activated, it could be a potential risk.
Using this feature sends data to Google and Microsoft, respectively. Depending on the website used, This information could be personal data including names, Addresses, emails or even bank details.
Users often use the “Show password” to verify that they have entered it correctly. If you use spell checker, Some websites submit the information for verification. This is the case, for example, in facebook.com.
In this case, it would be advisable to disable the advanced spell checker in both Google Chrome and Microsoft Edge. As of the date of writing this article, neither Google nor Microsoft have released updates so that the spell checker does not work in password fields.
Fountain: Bleeping Computer