New issue
Advanced search Search tips

Issue 632241 link

Starred by 1 user
Status: WontFix
Owner: ----
Closed: Jul 2016
EstimatedDays: ----
NextAction: ----
OS: Chrome
Pri: 2
Type: Bug-Security



Sign in to add a comment

To have Password/Pin-code before Enabling Chrome Account?

Reported by sami.lo...@gmail.com, Jul 28 2016 
UserAgent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36

Steps to reproduce the problem:
1. start PC  
2. start Chrome
3. no security layer if you have been logged into your Google Account in Chrome

related thread: https://productforums.google.com/forum/?utm_medium=email&utm_source=footer#!msg/chromebook-central/00prPK9Wd8g/4xdfC_onAgAJ

What is the expected behavior?
Password/pin-code request

What went wrong?
All users of the computer can use my Google Account when using Chrome

Did this work before? No 

Chrome version: 51.0.2704.103  Channel: stable
OS Version: 6.1
Flash Version: Shockwave Flash 22.0 r0

Feature-request

Comment 1 by rickyz@chromium.org, Jul 28 2016

Labels: -Restrict-View-SecurityTeam -Via-Wizard
Status: WontFix (was: Unconfirmed)
Thanks for your report. Unfortunately, there is nothing that Chrome can do to protect against users that have physical access to your computer. One thing you can do is use different OS level user accounts on your machine, though a determined attacker would still likely be able to gain access to your accounts.

For more info, see our FAQ entry about this: https://www.chromium.org/Home/chromium-security/security-faq#TOC-Why-aren-t-physically-local-attacks-in-Chrome-s-threat-model-
Project Member

Comment 2 by sheriffbot@chromium.org, Nov 3 2016

Labels: allpublic
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Sign in to add a comment