Is Google Chrome’s password security flawed?
Conan Hughes | On 09, Aug 2013
How easy is it for prying eyes to uncover passwords that are stored/saved in Google Chrome? The answer may be surprising to the average user. By simply going to the browser’s settings, anyone can discover the credentials you submit every time you log in to your favorite websites.
To see for yourself just how much confidential information is exposed on your computer, simply enter chrome://settings/passwords in the Chrome address bar. All the passwords you opted to save—Chrome automatically asks users if they would like their credentials remembered, so they don’t have to type their info next time—are found in that list. When you select one of them, a Show button appears that lets you reveal the hidden passwords. It’s that easy.
Google Chrome’s developers seem to have no intention of implementing a master password just yet to give users a better sense of security.
This apparent vulnerability and lack of security in Google Chrome is under the assumption that one has physical access to your computer. If that’s truly the case, anyone with ill intentions can actually just install a keylogging software that can record every stroke in your keyboard—usernames and passwords included—and send your information back to the intruder’s own computer or email. Because of that scenario and along with many others, implementing a master password feature is ultimately not the best approach for Chrome.
So what options are available for users? First of all, common sense dictates that you never leave your computer unattended, especially in public places. Given that privacy and security are important in this day and age, all computer owners are responsible of setting up a password for their operating system. To put it simply, don’t lend your computer to anyone. Create guest accounts if you really have to do so.