Chrome's Insane Password Security Strategy
jones_supa writes "One day web developer Elliott Kember decided to switch from Safari to Chrome and in the process, discovered possibly a serious weakness with local password management in Chrome. The settings import tool forced the passwords to be always imported, which led Kember to further investigate how the data can be accessed. For those who actually bother to look at the 'Saved passwords' page, it turns out that anyone with physical access can peek at all the passwords in clear text very easily with a couple of mouse clicks. This spurred a lengthy discussion featuring Justin Schuh, the head of Chrome security, who says Kember is wrong and that this behavior of Chrome has been evaluated for years and is not going to change."
I know it has been discussed many times to password lock access to stored passwords, though because browsers are not user-specific, this has not been done.
Solution: If security is important to you, don't be lazy.
We should learn what we need to know about issues, before we decide what we need to feel about them.
If you save your passwords in Firefox, you can obtain them, in plain text, by going to preferences, security, and saved passwords. Similar functionality is available in Internet Explorer. Safari is the only browser, that I know of, that asks for an account password before revealing the contents of the key chain password manager, but, with a little JavaScript, this security check can be easily bypassed.
The solution is to never hand anyone access to your operating system user account. Understanding and using OS user accounts and browser profiles, which Google Chrome includes an option for, would solve this “problem.”
On a side note, if other browsers are barely more secure or just as "bad" as Chrome, why is Chrome being singled out? When did it become fashionable by some in the tech community to attack Google?
Firefox menu -> Preferences -> Security -> Saved Passwords -> Show Passwords
I have taken advantage of it to post on friend's Facebook pages. Why the sudden interest in this ability on Chrome?
And he expected anything different? This is just Google's typical arrogance and exactly how they responded to the Gmail UI changes that no one asked for and all the stupid shit they change or disallow in Chrome.
If your browser can read the passwords and use them on the web, so can a local user. No surprise. Unless you set a master password (Firefox offers this, not sure about Chrome), there's no way to fix this. It's just how computers work.
Saved passwords have always been stored in a way that they can be recovered easily.
By definition, saving passwords will always be insecure, unless the program has a way to encrypt them using another key provided by the user.
They MUST be recoverable to be of use, because the plain text password must be available to the program for transmission to the web page.
A plain text listing of all the passwords saved is also easily accessible in Firefox. I believe there is a way to put a master password on it, however from what I remember (admittedly from a couple years ago), it was kind of a hassle.
This functionality has been both in Chrome and Firefox for years now, so I don't see why people make a fuss about it only now.
Either you don't give other people access to your user account, or you use a 3rd party password-protected keystore like KeePass, LastPass, 1Password, with a separate (or even 2-factor) authentication.
In Firefox just check Settings > Security > Saved passwords > Show passwords. To protect them a master password must be used.
How about the fact that Chrome can import passwords stored in Safari to begin with?
So Safari has some security issues as well. Where is the "master key" to export passwords?
I guess the underlying message is that if you leave a computer unattended the information is accessible to anyone. E-mail, passwords, documents, MP3s, etc.
This is a convenience feature and 99% would rather have the convenience of cached web passwords on their personal computer than worry about something walking by.
Wearing pants should always be optional.
If Chrome is going to enter your password for you, it has to know your password. This simple requirement ultimately means that any attempt to obfuscate the stored password is going to be trivial to overcome by anyone who has physical access to the box, unless you're flat out encrypting them with another password that the user would have to enter to decrypt them, and at that point, we've pretty handily defeated the purpose of storing passwords (because let's face it, it's not like you're going to want to do this EVERY time you need to autofill a password, so we're just going to do it once and then leave the db unlocked), so you may as well just remember your passwords and enter them manually in the first place.
If someone has physical access to my (unlocked) account I'm doomed anyway - he/she could install all sorts of backdoors or keyloggers trivially.
The main argument seems to be that if a malicious user is able to access the unlocked operating system then, one way or another, they're going to be able to retrieve the stored passwords. While this may be true, that doesn't mean it should be made so easy that my grandmother could stumble across my entire list of saved passwords by accident.
You mean there are people who actually use the "save password" feature in their browsers? Wow. Just Wow. I was under the impression that feature was more of a joke for noobs.
I don't use Chrome much, but is there a master password that you can set?
If there is no master password, then no matter how the data is stored, it's as safe as plain text anyway. Even with master password, dictionary attacks will get you quite often.
And you can transfer/import/export the data encrypted with master password between different installations without decrypting it.
--Coder
I've seen this on several sites, is this news to anyone?? Did you miss it many years ago when this was added? You know what, when someone is physically on my machine while it's logged in, they can also send emails from my account!! It's just right there ready to go! We need to do something about this!
If it really bothers you, encrypt your browser's settings files with your operating system's filesystem encryption feature.
... because my windows 7 has password!!
8)
Anybody notice Justin's LinkedIn profile? See any interesting prior employers? You guessed it.
look down on web developers.
Why complain about this. If you're storing your passwords in your browser - I'm not sure how this qualifies as being significantly worse -- they can already just sit down at your browser and change your passwords - which is worse since it locks you out of your own account.
Just don't save passwords if you can't secure your workstation, I think, is common sense.
I was crazy back when being crazy really meant something. (Charles Manson)
Unless you put a master password on the keyring, anyone can view your saved passwords in cleartext with little trouble.
With the recent leaks about how Google cooperates with government surveillance, I almost wonder if blatant weaknesses like this are by design. Sad when what should be outlandish conspiracy theories sound tame compared to what it's revealed they're already doing.
Passwords have to be stored in a decryptable form, because the browser needs them decrypted to fill in the password fields or to respond to HTTP authentication responses. That means that any malware with access to the browser can get those passwords in decrypted form too. A master password doesn't help, the malware can just get the passwords after I've entered the master password to decrypt them for use (assuming it can't just get the master password when I enter it). The only thing encrypted password storage really protects against is someone with access to the physical storage media but not the running system, or essentially stolen mobile devices (phones or laptops). On those you probably shouldn't be storing passwords at all, because any reversible encryption is too easy to crack using off-line attacks with modern hardware.
It's similar to my objection to the old "don't write down your passwords" thing: the risk of a remote attack against easy-to-remember passwords is much higher than the risk of an attacker physically getting into the locked drawer of my desk in the locked area of the secured and patrolled building my office is in, and if the attacker has gotten into the locked drawer in my desk I've got much bigger security worries and the attacker has much juicier targets he can go after.
Title should read: "Elliott Kember's Insane Password Security Strategy"
Seriously, why are you storing passwords, at all? Unless you're storing them in an encrypted space of some kind that requires two-factor authentication you shouldn't be storing passwords at all (and even then I really question your sanity).
Maybe it's that I've never imported passwords from another browser, going to chrome://settings/passwords as suggested doesn't show any plain text passwords for me. It only shows a few sites anyways on this machine. I'm fairly sure Chrome on my Linux box at home is using a different method since Chrome prompts for my password file password just for opening up the browser because I have the password file password different from my login password.
New Dev Team: "The password for automatically accessing the remote server is in plain text!!! We need to encrypt it to make things more secure!!!!"
Old Dev Team: "But it is only root readable. And where will the keys for this encrypted password be stored?"
New Dev Team: "We'll put them somewhere only root can get to."
Old Dev Team: "How does an extra layer of work for us make things more secure?"
New Dev Team: "It's encrypted!"
Old Dev Team: "You suck."
"For those who actually bother to look at the 'Saved passwords' page, it turns out that anyone with physical access can peek all the passwords in clear text very easily with a couple of mouse clicks."
Good thing I restrict physical access to my machines and devices with passwords...problem solved for me.
It's not a vault you put passwords in but can't get them out of. And PWs have to be accessible as plaintext to send them to sites. There doesn't have to be a UI to view them, but hiding plaintext from the UI isn't a security measure since you could always write a tool to dig into Chrome's files, which would lead to Slashdot carping about how it's security by obscurity or Google locking up your data.
As others mention, encouraging folks to use a master pass or something could be nice, as could a LastPass-style thing inside Chrome. More two-factor auth could be even better. But having plaintext accessible is a sane design, like the Chrome guy says.
Couple of mouse clicks? Open a new tab and type about:settings/passwords (and then somehow press the return key). Look everyone!
There are things like private/public key encryption you know.
Maemo's messaging app stores passwords in a plaintext file, some users found it and wanted it obfuscated to at least make them non-trivial to retrieve. The Maemo devs argued that obfuscation would be better at lulling users into a false sense of security about what is stored than thwarting those who want to access it maliciously.
"When information is power, privacy is freedom" - Jah-Wren Ryel
Start locking your computer when you walk away from it.
No, I will not work for your startup
It would be less trivial if one had something like the Android model where each application (with some exceptions) stores (some of) its data as a separate user, and without root privileges, one can't access the data for the application except by the methods provided by the application.
Google's rationalization that the system is already insecure if someone else has physical access to it is absurd. That's like saying it's ok for a bank to leave everyone's money on the counter overnight because if someone breaks in then that same person can easily break into the vault, which is obviously not the case. Computer systems should have multiple levels of protection as well.
... will be that the user can tamper with the SSL root certificates (or just add her own) and trick Chrome into giving up the password to a locally-hosted web server presenting an apparently-valid cert for the target domain.
In order to remedy this, Chrome must adopt the policy of asking the server to pinky-swear that they are really the named entity.
Actually, the passwords ARE encrypted with another master password, so you already have your best-security scenario. You just never have to enter it (at least on Windows) because Windows uses your session logon information to decrypt the passwords. Not logged on? Your passwords are secured. Yay!
Seems like an easy fix: give the user an option to log into their Google Account when they start Chrome combined with the option not to store any passwords or bookmarks locally. Google is pushing the whole cloud-syncing of user data in a big way anyway, it doesn't seem like Google would lose much ditching the local storage for users who care about this.
And where do you keep the private key? Inside the distributed Chrome binary? That's locally accessible.
I'm out of my mind right now, but feel free to leave a message.....
Chrome stores its data in user space which is encrypted at the file-system level by my operating system, Windows. I don't use Apple products so I'm not seeing a problem for myself, just Apple users(?).
Done.
Harrison's Postulate - "For every action there is an equal and opposite criticism"
There are things like private/public key encryption you know.
Apparently you need to think about this a bit more. How exactly is Chrome supposed to decrypt a password without storing the secret that allows it to do so on the same machine/account? Even if the password is encrypted with an asymmetric key, the corresponding key must be stored where Chrome can access it to decrypt the password(s).
-- Humans, because the hardware IS the software.
But what about typing hundreds of passwords?
Once you have more than a few, you resort to a crutch of some sort.
Here's a crutch. Just paste it to something like safepassword.sh in /usr/local/bin or similar:
#!/bin/bash
# script: safepassword
# Derives a password from a constant key and a purpose string.
# this script depends on sha512sum and xxd
if [ "$2" = "" ]
then
    echo "usage: safepassword constant_key password_purpose"
    echo " where constant_key is a string of printable non-whitespace characters,"
    echo " and password_purpose is a memorable string related to the purpose of"
    echo " the password, e.g. a website address. Since the script removes any"
    echo " characters outside 0-9 a-z A-Z it is possible that the password will"
    echo " be too short in some cases."
else
    # Hash "key-purpose", turn the hex digest back into raw bytes, then keep
    # only the characters 0-9 a-z A-Z.
    # The post's pipeline ended in one more sed stage whose pattern is
    # truncated in the post; it is left out here.
    echo -n "$1-$2" | sha512sum | xxd -r -p | tr -cd '[:print:]' | sed -e "s/[^0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ]//g"
    echo
fi
The script is indented, but stupid slashcode ignores characters.
Those who can make you believe absurdities can make you commit atrocities. - Voltaire
First off, the main first issue is obviously a problem with Safari.
But in general, that is how all browsers do it. How is this news?
Troll is not a replacement for I disagree.
The head of security of Chrome put it just right. You cannot protect any data unless you lock your OS account. Being a (lousy and inexperienced) web developer myself I can tell most web developers don't even know about kernel space and user space, but that's how it works. I'm not saying they should become engineers before being in charge of a project, but maybe they should take an introductory class on Computer Science or read a book on the topic now and then...
... Chrome is able to use the KDE password wallet if present, which is protected under a master password. (I assume it can use the GNOME equivalent too). If so, Chrome won't save anything itself, so on that count at least, you're safe.
That said, I would recommend using a service like LastPass anyway, so the problem is taken entirely out of the hands of the browsers.
-- B.
This sig does in fact not have the property it claims not to have.
Yea I get the basic argument browser needs to be able to decrypt passwords somehow when needed this means either a password encrypting password thing or punting responsibility down the stack.
In many operating systems there are secure ways of doing precisely this. Use the underlying operating system's keychain where available, such as the Windows credential store (Sorry XP users). The credential store is at least protected by the user's security context and syskey if non-default setting is used. On shared computers this will at the very least keep a user's password stash safe from other users. It can also keep the user's password stash safe in the event their computer is stolen.
It is easy to make argument in the real world doing x may practically offer little benefit but it is easy to be lazy. There is no harm in over delivering and under promising. Tell the user their stored passwords are insecure AND at least try to do the right thing anyway.
Sheesh. Auto-fill is NOT showing you the passwords. Granted with a little work, you could probably capture it as it is moved from browser store to web page password field but that's a serious level of escalation compared with Chrome just saying "here's the unencrypted passwords for all stored passwords". Firefox has the ability to lock down the display of unencrypted passwords with a master password. Chrome doesn't apparently.
Very very different things.
People in cars cause accidents....accidents in cars cause people
can peek all the passwords in clear text very easily with a couple of mouse clicks
it takes at least 3 clicks with Firefox.
I'm an American. I love this country and the freedoms that we used to have.
There are things like private/public key encryption you know.
Yes, and if you understood how public key encryption works, you'd realize its existence is not relevant to the discussion at hand. It has no useful function here. (Note: your "master password" is not a private key of this sort -- no hand entered password ever could be... unless you're Lt. Cmdr. Data.)
"Convictions are more dangerous enemies of truth than lies."
I am disappointed to see that this non-story has made the front page of Slashdot. I don't want to echo all the comments made here already, but I completely agree that:
- It has always been this way in Chrome
- Firefox does it too (with the option of Master Password to "protect" it)
- Firefox's protection is Security Theater
- The author comes across as fairly clueless
- The real place to secure this is at the user login, since it involves physical access. There are a million other nasty things someone can do if they are sitting in front of my PC unlocked.
So I will parrot: why is this news?
I think browser vendors make the built-in password manager confusing in terms of explaining what a user must do to keep their passwords secure as well as the GUI. I'd prefer they just remove that functionality and let other third party providers who do it better be the user's choice.
All the browsers should remove the Show Password feature. Make the user (genuine or malicious) use some third party program or keylogger. Just remove the show button without stating in any way it is for security.
Don't bother with a "master password" as one already exists with the Windows login. Adding more passwords to type in just makes the user experience poorer and less secure due to poorly chosen passwords.
If the above isn't done at least provide some user education by adding an informative message when a user saves their password that states "Others with access to your computer may be able to retrieve your password. Do you wish to save?"
Anyone who can log in to your unix/linux account (or anyone who can read your ~/.ssh folder, if you are dumb enough to leave it group/world readable) can steal your ssh keys and pretend to be you and log in to all machines in the known hosts file.
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
If the attacker has physical access to my machine in a logged-in state, tell me how any kind of master password or encryption scheme is going to keep him out of my data, including anything on my local hard drive, or any web-hosted services that have a cached credential? The barn door's already opened, fellas.
Besides which, any "solution" such as storing passwords offsite, encrypting, etc. will also require the user to take definitive action to open and close the password repo. The problem is our user can't/won't be bothered with taking action to secure his access, so that solution is no solution.
Google's right on this one.
"We receive as friendly that which agrees with, we resist with dislike that which opposes us" - Faraday
Currently I am able to log in and out of gmail on a friend's laptop without any (reasonable) fear that my email will keep living on that machine (and is unencrypted). Obviously keyloggers etc could grab my password, but let's assume I'm not _that_ paranoid.
I do not have this option with the Chrome browser itself. At best, I can log into Chrome (and am encouraged to do so at first startup) and at the end of the session, I can delete the profile (rm -rf .config/google-chrome). This certainly deals with the problem, but is pretty clunky. There should be a login / logout feature to the browser, not just my email.
Compare this to Chrome OS. Here the functionality is built in; you don't have to delete your user account at the end of every session. Encrypted files are stored on the local drive which you can then access the next time you log in. It's quick and painless. This needs to be built into the standard Chrome browser.
FIRE him.
Firefox has the option to protect saved passwords with a master password, and if you already unlocked the password store, in order to read passwords from the GUI, you need to unlock it again.
Exactly. Mozilla's email client Thunderbird also uses a Master Password to unlock the view-ability of the stored passwords.
For those who insist on saying that Chrome's security method is good enough consider this: How many people use separate log-ins for the "Family" computer that stays on most of the time? Not very many I'd imagine, just too much trouble for most to deal with. This means that both other family members as well as house guests can casually access all those passwords in no time.
Even if you do use different log-ins consider this type of common scenario: Your son or daughter has a "friend" over and they are cruising the web on her account doing whatever. Say that they are reading some news item or article together when the daughter gets up to go to the bathroom. Do you think for one second that she is going to lock the computer and force her friend to wait to finish what she is doing? No. Her "friend" will then be able to casually and quickly access all those passwords and type them into her iPhone for safe keeping before your daughter gets back. She now pwns your daughter's Facebook account, bank account, cellphone account and who knows what else.
How can anyone with a straight face say that is an acceptable security method? The fact that my open source email client has an easily usable default master password system proves that it is something that Chrome could easily implement as well, hell, just copy the open-source code from Thunderbird if you need to...
To be quite frank; when I think of Google or Microsoft "my security" is not something I honestly expect from them, and this newest revelation just further confirms that perception.
http://i.imgur.com/pjBHjW0.png
Maybe they can't make it locked down tight enough for a hacker or someone who's determined to get at your passwords, but then they don't need to abandon that effort. They've basically said "We can't make it super secure so we're leaving the door wide open instead". You forget to lock your work machine when you go to the bathroom and the guy in the next cubicle can read all of your passwords in seconds, without any hacker knowledge or skill whatsoever.
Don't depend upon your browser to secure passwords. Use a program like LastPass.
How is this "you can get a cleartext password in a couple of clicks" different from, say, kdewallet? With physical access to an unlocked wallet you can also ask it to display the cleartext password. This actually helped me once when I forgot my sf password having relied on kdewallet for a while and then I had to retype it on another box.
VKh
As far as I can tell, the only "news" in this post is that Elliott Kember has only just noticed that Chrome passwords are plain text.
Cool, I'm going to write an article about how my grandmother has just "discovered" the internet, and submit it to Slashdot.
I actually used the "Show Passwords" feature quite frequently. Certain sites seem to like blocking auto-complete of username and password fields (mainly banks, I've found). These sites also tend to have the most archaic password policies, where my standard password (which I append with a site-specific suffix, as per recommended security practice) cannot be used because it contains non-alphanumeric characters.
So it's a password I cannot remember, and while Firefox remembers the password it is being blocked from filling it out for me. I used to go in, look up the password, and copy-paste it in. Now I've moved away from it (found a JS bookmarklet that forces autocomplete on), but I still remember exactly how to do it. And you know what? It has to be more secure than constantly resetting the password and getting it emailed to me.
You know what's worse? I actually tried to have three-tiered passwords. A simple one used for places where it can be compromised without impacting me, a more complex one for standard usage, and a fiendishly-complex one I was going to use for the most important things: root logins to servers and banking passwords. Sadly, my twenty-plus-character, mixed-case-with-numbers-and-symbols non-dictionary superpassword is rejected by every bank I've ever used, so all it's securing right now is direct root access to my BSD box.
Seeing as Google has decidedly ignored over ***15,000*** requests to put in a "master password" (such as the one Firefox has), I'm not one bit surprised. Google expects Chrome's profile folder to be in the current user's "home" directory, and uses file ownership to protect others from peeking at its contents.
It is called ChromePW and its purpose is to do the same as the Master Password in FF
https://chrome.google.com/webstore/detail/chromepw/oeiimoikalhhgfhfkfhngehekefpiaag?hl=fr&utm_source=chrome-ntp-launcher
Others: you've modded this driven insightful? For shame.
AC: You should call LastPass and patiently explain to them why nobody will pay them money for their password manager, because this is exactly what it does. Well, 'exactly' with the exception that you can set it to remember your master password until you close the browser session and/or are idle for a specified time and/or (implicitly) log off. Sort of addresses that "EVERY time you need to autofill a password" thing.
After all if you memorize one password you may as well just memorize all of them and enter them manually in the first place... there's no convenience at all in memorizing just a handful.
anyone with physical access can peek...
pretty much everything he wants/like.
'Nuff said...
No, actually, Obligatory XKCD Citation(TM)
Sure, it's shocking for someone who thought their passwords were safe in Chrome to realize that they're visible with four clicks. But the real issue is that Chrome passwords aren't really stored safely. If you get a virus on your system, it has full access to the passwords.
Honest question: why doesn't Chrome implement something similar to KeePass or LastPass? Is there some technical reason? Is it astoundingly difficult? Does it not actually provide additional security against malware?
I hope none of you are surprised that Google is not private and secure.
Is this true on Windows implementations of Safari as well? What OS service is used?
Didn't he say that if security is important to you, don't publish your private info on the Internet? A password in a Chrome account is private info of course. I can see that SOB gleefully rubbing his hands: "We've got you!"
When I click Tools -> Options -> Security -> Saved Passwords -> Show Passwords -> Yes
All my saved passwords are displayed for all to see.
That's the default.
The master password is opt-in and never mentioned unless you poke around in the settings.
What about allowing the user to leave the operating system account unlocked (or have it shared with relatives) *BUT* lock the browser's access to the password store, would it solve it? Kind of redundant, but it would allow sharing the same OS account but have different browser access to the passwords - could even allow another shared OS account user to start a new browser account session with its own password store... (I'm assuming that the browser can check the password store credentials without saving those in clear - but only their hashes or something).
Chrome already has the Google account sign in option for the browser.
Where the hell is the fire? Browsers like Firefox have LONG stored passwords with a button to click to reveal said password. And they kept on making Twinkies the whole time. Holy creme-like filing
So along comes somebody who has apparently never seen this before and wow, they have stopped making Twinkies this is so serious! Except, well, it's not. And the Twinkies are back. More or less.
The fix for this is easy: don't store passwords in the browser. I know, DOH! And if you do, don't let other people use your browser. And if you do, then use a password manager, which aside from being cross-platform and mostly free, do a hella better job of inventing good passwords for you and keeping you from using the same passwords all over the internet, because remember, you don't have to worry about your OWN security. You also have to worry about the security of EVERY site where you use a password. If you use the same password and user combo everywhere, or even one that appears to be a pattern, then you are basically asking for trouble when some forum gets hacked and your password turns out to be pass+websitename=supersecretpass. Simple patterns for you to remember are also simple to reverse engineer. So don't do that. Quit whining and get a password manager. And use it right.
The burden is on YOU to wisely manage your passwords, the quality of said passwords, and who has access to them. Does not matter which browser or OS you use. Don't be a stump and try to pin responsibility anywhere other than between chair and keyboard.
Sig for hire.
Accessing the password store without having a master password allows someone to access your passwords in a few clicks.
BUT, even if a Master Password existed in Chrome, I could still access your stored password to a site in a few clicks too.
1. Enter site url
2. Right click on autofilled password box
3. Click "Inspect Element"
4. Change "input type="password" name=........." to input type="text" name=.........."
5. Et voila, I can see your password.
No hacking required. A little knowledge, but not exactly rocket science. Would most regular non-techie people know that? Probably not, but adding a Master Password is only really slowing someone down, and making it a little more awkward to get ALL your passwords.
If you are giving someone physical access to your machine for more than 10 seconds, then they don't have to become HAX0RS to gain access to your passwords - that's just a fact.
So the answer is: 1) Only give computer access to people you really trust, or 2) Be a grown-up and deal with the (gasp) social awkwardness of switching someone you don't trust 100% to using a guest account, or LOCK your PC.
Note: your "master password" is not a private key of this sort -- no hand entered password ever could be
What makes key stretching to generate keys from passphrases an invalid technique?
Generate the encryption key from a master password that the user reenters at the start of each browsing session, and never write that key to the file system.
Compromised user account has access to all user's data! Film at 11.
I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
The embedded Flash plugin was a disaster. Pages still display incorrectly. Scripts still run incorrectly. It's still a privacy catastrophe. Then they store passwords in plaintext and stand by it? I swear, Microsoft's Windows 8 team designed Chrome as one giant troll or something.
Sorry, I agree with the OP. One "other way" to keep track of passwords is simply to memorize them. But, since memory is often a "use-it-or-lose-it" proposition, forcing yourself to use the password will help refresh your memory.
I have never stored any password on a browser, earlier the reason was it was a shared PC and now it's just a habit and I don't trust how securely they are saved. I have all my passwords on a thumb drive that I carry with me and that too is encrypted. And also I choose 'Deny' option when chrome asks it wants to access my contacts information.
And there will be accounts which you will use rarely. E.g. when most of your finances are "automated" like they should be, logging on to banking website may be rare - say once a month. There could be some important email accounts which are used rarely.
A password used once, a month ago, is not very likely to be recalled easily.
Bingo Dictionary - Pragmatist, n. A myopic idealist.
People store their passwords in their browsers? I honestly didn't think anyone used that feature.
What happens when an Apple troll writes an effective piece of link bait, and a bunch of people who don’t know any better fall for it... The Chromium FAQ explains why local attacks aren't in Chrome’s threat model. Passwords can be accessed as easily in Firefox, and passwords in Internet Explorer and Safari can be hacked out in under a minute with a little JavaScript. Google's "go-to" argument is right. If you're worried about security, don't share your operating system user profile. Understanding and using OS user profiles would solve this “problem.”
Both FF and Chrome have decrypted access to your passwords. Just that FF doesn't for the first 3 seconds you start the program, before you punch in your Master password. I see why Google would simply let it be visible, since it's there anyway, but I really do believe that Elliott's core statement is right: the people that hack into your computer or get around your security aren't the people who are going to be using your laptop or desktop. It's the soon to be ex-husband or your daughter's friend or your son in a fit of anger after you cut off his cell phone. Simply requiring your Google account password to access that page would be more than enough to dissuade an entire sector of would-be opportunists. I don't lock my office, but I do close the door and Google doesn't see how there's a difference because in terms of security there isn't, but in terms of actual property loss over 15 years, there is a real world difference.
Problem solved. All arguments to the contrary will be filed in the circular filing cabinet.
I've decided to stop wasting my time responding to AC trolls/sockpuppets... so if you want a response from me... login.