-In web environment, browser extension extends its functionality by retrieving, presenting and traversing the information through web browser. Browser extensions run with 'high' privileges which consequences, vulnerable web browser extensions to steal user's credentials and trap users into leaking sensitive information to unauthorized parties. One of the attack known as Colluding browser extension attack causes privacy leakage of share data in web browser through extensions. This paper, proposed Defacement of colluding Attack (DCA) mechanism to secure user credentials and confidential information over web browser extension. DCA mechanism encapsulate padding with blowfish algorithm to encrypt sensitive information before sharing it over common memory location. Finally the comparison evaluation of proposed mechanism is carried out with twofish, threefish, 3DES and DES on standard parameters such as encryption time, decryption time, key-length, throughput, attacks and level of security.