1. Home >
  2. Apps >
  3. Groups >

Google Chrome Password Security Flaw Fix Introduced On Chrome For Mac

Question asked by Ankita Katdare in #Hacking and Security on Nov 6, 2013
Ankita Katdare
Ankita Katdare · Nov 6, 2013
Rank A1 - PRO
Google Chrome security became a topic of discussion back in August when a bug was found that let anyone see a user's passwords stored in the web browser. Simply by clicking on the Settings icon, choosing "Show advanced settings" and then "Manage saved passwords" in the "Passwords and forms" section, a list of obscured passwords would be revealed for all the sites visited and clicking beside them revealed the plain text of the password, screenshot of which will get you the key to all those personal and professional accounts. We reported the Google Chrome password security flaw and were wondering if the company was ever going to bring in a fix. But the company does care about its users security and therefore in a new experimental flag in the last Chromium Build for Mac, you do get a fix.

google-chrome-password-security

"Once you've enabled the chrome://flags/#enable-password-manager-reauthentication flag, user who's trying to reveal a plain text password inchrome://settings/passwords will be prompted to reauthenticate with the User Mac OS password. When you are authenticated, you won't need to reauthenticate anymore for one minute." reported François Beaufort on his Google+ profile. Lack of password security can be a serious threat to a user's personal account logged in using any web browser. A Google representative had responded that the security flaw was a feature of the browser and that the main password boundary for the user was the OS user account and there were vulnerabilities that could be exploited if that is breached.

Though at the moment the fix is only available on Chrome For Mac, since Google is looking into it, we should soon expect a solution for other platforms too.
Posted in: #Hacking and Security

You must log-in or sign-up to reply to this post.

Click to Log-In or Sign-Up