Security: Google Chrome shows password without any auth on Linux
Reported by djki...@gmail.com, Mar 6 2016
Issue description
I am using Ubuntu 15.10 and my Google Chrome version is 48.0.2564.116 (64-bit). I observed that Google Chrome shows the manage passwords page without authentication. A few versions ago Google fixed this vuln, but in this version I faced it. Print screens are attached. If you need anything more, then update me. Thanks
Mar 7 2016
Mar 7 2016
The reauth has never been implemented on Linux due to lower priority than other OSes. Reassigning to vabr@ to triage.
Mar 7 2016
Mar 7 2016
Hi, we observe this issue in Chromium also on Linux. Have you checked it? Thanks
Mar 7 2016
Hi djkiani, Chromium and Chrome share the same basic code base. I'm waiting for vabr@ to triage this bug. Most likely, this issue is working as intended according to #3.
Mar 8 2016
@Jialiul: I have tested this on Windows also, but still the same problem there? I can access all stored passwords from the browser UI password manager. I have tested this on Windows 7 SP1 with the latest Chrome browser. Thanks
Mar 8 2016
vabr@, could you chime in?
Mar 8 2016
This is a known issue on Linux and Chrome OS. On Windows there should be reauthentication, as long as the OS account also has a password. djkiani, do you use a password to log into your Windows machine?
Mar 8 2016
On Windows I am not using a password for OS login; without this I can access all stored passwords. When you make this change for Linux? I remember a few months ago I tested this, and at that time it worked fine on Linux.
Mar 9 2016
Thanks for your response. If you do not use a password for OS login on Windows, there will not be a password to enter before viewing Chrome's passwords either; that is working as intended, because the only password Chrome on any platform uses to guard password viewing is the OS password. Viewing passwords has never been guarded by a password on Linux.
Mar 10 2016
@Vabr: Thanks for your detailed answer. You said it's not an issue or an already known issue about Chrome on both Windows and Linux? Because I am going to write an article about it.
Mar 10 2016
This is a known issue for Linux, and working as intended for Windows (as long as using a non-empty Windows OS password results in the reauthentication prompt appearing before viewing passwords).
Mar 12 2016
@Vabr: I can successfully view passwords on a Windows machine. I am using Windows 7 32-bit with the latest Chrome. Kindly check the screenshot of the screen.
Mar 14 2016
@djklani: What exactly is your question?
Mar 14 2016
@Vabr: I don't have any question. I found a security issue in Chrome and I reported it. Maybe you didn't catch my point.
Mar 14 2016
Hi djkiani@, to summarize previous replies: (1) On Linux, showing passwords without re-auth is a known issue. (2) On Windows, showing passwords without re-auth only happens if the OS account does not have a password. However, if you have a password for your OS account, it will prompt you to re-auth. So what you have experienced is work-as-intended (i.e. works as the system is designed) based on comment #10. Given the two points above, we marked this report as "Won'tFix". + timwills@ to the thread, in case you want to know more about the Vulnerability reward program.
Mar 15 2016
jialiui@ summarised this well. djkiani@ did not find a security issue; this is all working as intended.
Mar 19 2016
@vabr: Thanks for your guidance. Everything is going as expected. No new issue observed in this. Kindly close this thread. Thanks
Comment 1 by jialiul@chromium.org, Mar 6 2016
Components: UI>Browser>Passwords
Labels: Security_Severity-High Security_Impact-Stable OS-Linux
Owner: vasi...@chromium.org
Status: Untriaged (was: Unconfirmed)