August 7, 2013
Google Chrome stores your passwords and makes it easy for anyone to see
Sites, apps, browsers all lay heavy claims about being secure while maintaining passwords to our various online accounts. Google, one of the more trusted names and widely used modes of communication – Gtalk, Chrome, Android et al, also does this but makes it ever so easy to actually sift through the back end view every single password you may have chosen to save into the Chrome browser. It’s ridiculous. Each time you enter your password into a log in page on Chrome you will often get the option of whether you’d like to save the password into the browser or not. On one hand this makes perfect sense as it simplifies logging in when you return to that page without having to enter your details all over again.
Here’s the catch though, if you’re logged into Chrome anyone and everyone has easy access to all of your passwords simply by accessing the Chrome browser settings page>Advanced Settings>Passwords and Forms>Manage Passwords. You’ll get the entire list of sites you’ve used utilising the Save Password option with complete access to view all the passwords. The worst past is, there is no security measure here when you click on a web link and select ‘Show’ password. This might be great for those who often forget their passwords but come on Google, a master password or requirement to at least re-enter your Google Id password should have been enabled. This little faux pas could get a lot of us in serious trouble, not to mention the browser itself.
Try it out yourself and by the way, simply logging out of your Chrome browser Google id does nothing. The Passwords and Forms section is still easily accessible with all stored passwords a click away from the rest of the world. Isn’t that just great!
[Via – Elliottkember]