Google adds protection for showing Chrome passwords on Mac systems - gHacks Tech News

Google adds protection for showing Chrome passwords on Mac systems

If you are using the Google Chrome web browser you probably know that it ships with a basic password manager of sorts that you can use to store authentication information.

That's great if you sign in to websites and services regularly on the Internet, as you can do so automatically or at least with minimal interaction and no need to remember usernames and passwords for that.

Google recently was criticized for the password manager that it built-into the Chrome browser, as it did not offer any protection whatsoever.

This meant that anyone with access was able to look at the usernames and also the passwords saved in the browser.

The company back then stated that it did not consider this to be an issue, considering that security was also compromised if someone managed to gain local access to the browser.

Others criticized Google for that stance, for instance by mentioning that there are situations where access is granted temporarily to friends or family members.

Francois Beaufort, a Google employee who is posting news about Chrome regularly on his Google+ page, mentioned today that Google made the decision to add protection to the password manager of Google Chrome.

chrome password manager

While that sounds great at first, it needs to be mentioned that the feature has been only implemented on Chromium builds for Mac, and not on Windows or Linux.

Mac users of Google Chrome -- I suppose it is currently only available in Dev and Canary builds -- can enable the new protection in the following way:

  1. Load chrome://flags/#enable-password-manager-reauthentication in the web browser
  2. Enable the preference and restart Chrome afterwards so that the changes are applied.

When you try to show passwords on the password manager page (chrome://settings/password) you will be asked for the Mac OS account password of the user that is currently logged in.

Once you supply the password, you can show passwords for 1 minute, before you are asked to reauthenticate again.

It is not clear if the feature will find its way to Windows or Linux, but it certainly would be appreciated by the majority of users of those systems.

For now, to stay safe, users on those systems should use a third party password manager such as LastPass or -- my favorite -- KeePass instead.

Now Read: Dashlane Password Manager review





  • We need your help

    Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

    We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.

    If you like our content, and would like to help, please consider making a contribution:

    Comments

    There are no comments on this post yet, be the first one to share your thoughts!

    Leave a Reply