VULNERABILITY DETAILS

Hello,
The current chrome settings allows any user with the current Operating System Login Password to see the all connected passwords which are login from the chrome user interface. You may not think it is a serious security issue, but it is. Because we can sneak into any Windows Xp,7,8,8.1,10 PCs with any password bypassing tools like KONBOOT, or HirenBootCD. (windows 10 with microsoft account login is an exception though). Most of the people are using the Microsoft Windows 7 operating system, and it can be cracked easily. Google Chrome allows any user with the current Windows account Password if present or without the password to view the complete password of the default user. The passwords must be shown, but only with any authentication procedures. Otherwise there is no use of the chrome security standards and you can't say that your customers are completely secure with their information.

VERSION
Chrome Version: 54.0.2840.99 m stable
Operating System: Microsoft Windows 10 Version:1607, OS Build: 14394.351

RESOLUTION METHODS:
* Include Authentication for viewing saved passwords
* Notify the default user in email & Recovery email, if anyone tried to access the saved passwords