This template is ONLY for reporting security bugs. If you are reporting a
Download Protection Bypass bug, please use the "Security - Download
Protection" template. For all other reports, please use a different
template.

Please READ THIS FAQ before filing a bug: https://chromium.googlesource.com
/chromium/src/+/master/docs/security/faq.md

Please see the following link for instructions on filing security bugs:
https://www.chromium.org/Home/chromium-security/reporting-security-bugs

NOTE: Security bugs are normally made public once a fix has been widely
deployed.

VULNERABILITY DETAILS
Passwords can be revealed to sys admins on windows machine

VERSION
Chrome Version: all versions
Operating System: Windows 10 and others

REPRODUCTION CASE
Use chrome to remember a password 
logout of windows, but leave chrome running
Sysadmin now resets windows password to something they know.
Sysadmin now logs into windows machine and can now read all stored passwords as they have the windows password.