Chrome Browser still remembers the password and will auto save it again if I try to log in later (even if the pw is deleted from passwords.google.com).

The original bug seems to be an issue with the way the Nest App works, right? It seems kind of anti intuitive that nest app can decide whether or not to delete my password in chrome (this cannot be done from the browser, why can they do it from the app?)

Thanks for the report. Indeed, this seems to be an issue with the Nest App. I will try to get involved people who know the integration with apps better than me.

Thanks for the answer, vabr.

After reading, this seems to be part of the API: https://developers.google.com/identity/smartlock-passwords/android/delete-credentials

It seems kind of backwards (how come a web page can't delete their password, but the android app can? and without a warning).

So I think it's two different kind of problems:
- The issue with the Nest App.
- The fact that the android Credentials API allow apps to delete user stored passwords.

Hi mvanotti!

You discovered yourself what I had to ask about :). But indeed, #3 is true, and precisely what I heard confirmed from ssoneff@.

The Auth.CredentialsApi.delete method has reportedly been like this for over 3 years, and there is not much enthusiasm to change that, IIUC. Searching for "Auth.CredentialsApi.delete" in the internal bug tracker points one to the right component to file a bug against the Android-facing API. Not sure where to file a bug against the Nest app.

As this does not seem actionable on Chrome's side, I'll close this bug.