Google Chrome’s Insanely Open Password Security Strategy

Google Chrome’s Insanely Open Password Security Strategy

Chrome does something interesting when you first run it. The other day, I was using Chrome in development for an Ember.js app. I use Safari for day-to-day browsing, but it has a habit of aggressively caching files when I least expect it, so from time to time I switch to Chrome.

Google Chrome’s Insanely Open Password Security Strategy

I decided to hit Chrome’s “Import bookmarks now” link and see whether I could import my bookmarklets from Safari, so things would be nice and consistent between the two browsers. I didn’t expect this:

Google Chrome’s Insanely Open Password Security Strategy

This struck me as particularly odd. Why is “Saved passwords” greyed out, and mandatory? Why have a check-box? This is the illusion of choice. I think it’s deeply misleading, and this is why:

This is a page in Chrome’s settings panel:

Google Chrome’s Insanely Open Password Security Strategy

See that “show” button? It does what you think it does.

Google Chrome’s Insanely Open Password Security Strategy

There’s no master password, no security, not even a prompt that “these passwords are visible”. Visit Update: Justin Schuh, head of Chrome security, says I’m wrong, and that this is not going to change.


This post first appeared on elliottkember.com and is republished with kind permission. You can follow him on Twitter here.


The Cheapest NBN 50 Plans

It’s the most popular NBN speed in Australia for a reason. Here are the cheapest plans available.

At Gizmodo, we independently select and write about stuff we love and think you'll like too. We have affiliate and advertising partnerships, which means we may collect a share of sales or other compensation from the links on this page. BTW – prices are accurate and items in stock at the time of posting.