How Google Chrome Lets Anybody See Your Passwords

August 17th, 2013
Updated 08/17/2013 at 1:32 am

Google’s Chrome browser and operating system may be revealing your secret passwords to everyone from coworkers to absolute strangers.

Google Chrome logo.One of the most popular features of Chrome is its ability to store passwords. That way they pop up automatically when you go to a function like email or Facebook. Elliot Kember, a software developer, discovered that anybody who clicks on the Chrome settings icon can see all of the passwords on that computer if he or she goes to the show advanced settings and passwords and forms sections.

The passwords are obscured, but clicking next to them causes them to appear in plain text. The text can be easily copied and emailed or seen by anybody that uses the computer. That means it would be easy for a hacker or malicious stranger that opened a computer with Chrome on it to see all of your passwords.

What’s really disturbing is that the head of Chrome development at Google, Justin Schuh, told The Guardian that he knows all about the flaw. Worse, Schuh said that there are no plans to correct it. In a piece he wrote on the website ‘Hacker News’, Schuh explained:

“…we don’t want to provide users with a false sense of security, and encourage risky behavior. We want to be very clear that when you grant someone access to your OS user account, that they can get at everything.”

One has to wonder why this flaw has not been fixed. It would certainly make a hacker’s job easier, let alone the job of the NSA or spy agency. If the source computer used Chrome, all the hacker would have to do is go to the settings icon to get the user’s email passwords. One security expert told The Guardian:

“The fact you can view the passwords means they are stored in reversible form which means that the dark coders out there will be writing a Trojan to steal that password store as we speak.”

It has been revealed that large Internet companies such as Google and Microsoft have worked closely with the National Security Agency. There is even evidence that Skype (now part of Microsoft) helped the NSA get easy access to customer data. Therefore we need to ask, is this flaw actually helping these companies access your data even easier than before?

The surveillance state might be making it easier than ever for hackers to steal our personal information. The quest for national security appears to be endangering the security of the private individual.

Share Button

Tags: , , , , ,

Category: Privacy

About the Author ()

Comments (10)

Trackback URL | Comments RSS Feed

  1. spy says:

    I can only guess who has my pws.

  2. Charlie says:

    This story is rather silly.

    I hate Google as much as the next guy, but Firefox also does this.

    For fifty years it's been the case than when you grant someone access to your OS user account, that they can get at everything.

    • Albert Morenk says:

      On firefox you have the option to set a master password to protect your stored passwords. If someone else does not have your password, all he can see is a username and a site, with no chance at all that he can see your passwords.

  3. Billy Barney says:

    Firefox does this as well, but gives you the option to set a master password. Best best security results do not save passwords on the computer.

    • Joe says:

      Or use something like KWallet. 😉 Yeah, a master password at least is a good requirement. A wallet/crypto keychain is very nice, also.

  4. I always clear my cookies and password before and after using email and other online stuff. This is the best way to stay protected when you are not in touch with your PC. plus is also added a sms alerts. so when ever I log in to gmail I instantly get notification sms.

  5. Heya i am just to the important time period this. I ran across the next on-board as well as We to uncover It sensible & which compelled us being outside the house a good deal. I am hoping to offer some thing back as well as aid various other people who anyone offered us.

  6. The observation state may be making it less demanding than at any other time in recent memory for programmers to take our individual data. The mission for national security seems, by all accounts, to be jeopardizing the security of the private single person.

  7. olivia says:

    The actuality you can see the passwords implies they are put away in reversible structure which implies that the dull coders out there will be composing a Trojan to take that secret key store presently.

Leave a Reply

Your email address will not be published. Required fields are marked *