Google Chrome Browser has Password Weakness

| by Michael Allen
article imagearticle image

The Google Chrome browser has a weakness that allows anyone with access to a computer to see all the passwords that the computer's owner has stored in the popular browser.

The passwords can be seen by going to "chrome://settings/passwords" in the browser. Initially, the passwords are censored, but by clicking "show," the passwords appear in plain text.

Another problem is these exposed passwords do not have to be directly entered through Google Chrome to be visible.

If someone exports the information from another browser into Google Chrome, then those passwords are vulnerable as well.

There is also the possibility of hackers creating a trojan file that could accidentally be downloaded to a computer by the user. Theoretically, the trojan could secretly copy the passwords off Google Chrome and send the info back to its maker.

Justin Schuh, of the Google Chrome developer team, said the search giant is aware of the vulnerability, but there are no plans to change the browser, reports The Guardian.

Along with Microsoft's Internet Explorer, Mozilla's Firefox and Apple's Safari, Google Chrome is one of the most widely-used browsers.

"The overwhelming majority [of Google Chrome users]. They don't know it works like this. They don't expect it to be this easy to see their passwords. Every day, millions of normal, every-day users are saving their passwords in Chrome. This is not okay," said Elliott Kember, a software developer who discovered the weakness.

Source: The Guardian and Elliott