First, your username and password (aka your “credentials”) go from your fingers to the keyboard and from there, to the inner workings of your computer. It matters not if you are using a desktop computer, laptop, iPad, smartphone or Android tablet, the process is exactly the same.
Your credentials go into the computer, somehow, to be transported somewhere else. They are stored in your computer. If you are not taking the proper precautions, this information can be intercepted by Internet criminals.
If you use an email program such as Outlook, Apple Mail, Windows Live Mail or similar products, your credentials are actually stored in a file on your computer.
You may not think you are storing anything important, but your username and password are stored on your computer’s hard drive, to save you the extreme hassle of having to manually type them in every time you want to check your email. As soon as you start up your email program, it grabs the file where your credentials are stored and types them in for you, sending them on to your email provider.
If you use webmail, meaning you use a browser to go to a website to do email tasks, and have checked the “remember me” or “keep me signed in” boxes, so your username and password are automatically filled in, then, again, your email credentials are stored in a file on your computer.
In this case, your browser, just like a regular email program, instantly sends your credentials across the Internet as soon as you click the “Sign In” button. Automatic login methods like these also can be intercepted and fall into the wrong hands.
After you start up your email program or your browser automatically signs you in, your credentials take a crazy path all over the Internet before finally landing at your email provider’s headquarters.