Project: chromium Issues People Development process History Sign in
New issue
Advanced search Search tips
Starred by 357 users

Comments by non-members will not trigger notification emails to users who starred this issue.
Status: Duplicate
Owner: ----
Closed: Mar 2011
Components:
EstimatedDays: ----
NextAction: ----
OS: All
Pri: 3
Type: Feature

Restricted
  • Only users with Commit permission may comment.



Sign in to add a comment
Profile/login support
Reported by eurydice...@gmail.com, Sep 3 2008 Back to list
Product Suggestion: Allow the user to log into Chrome. Thus I could have 
Chrome on two  different machines and when I log into my Chrome, I get the 
same settings/bookmarks/history, incl. when I use Chrome on someone else's 
computer. 


 
Labels: -Type-Bug Type-Feature
Important would be not having all the information at google..
+100
I would prefer the use of the Google account to store/sync automatically. If user is 
logged into Google Gmail, iGoogle, etc. then no prompt/login should be necessary. Of 
course the info should be encrypted on the pc and never transferred or stored in the 
clear.
Comment 5 by ghost...@gmail.com, Sep 8 2008
Like Mozilla's Weave or Google's Browser Sync
Comment 6 by hq4e...@gmail.com, Sep 20 2008
I think this is a good suggestion IF it's kept optional. User should be able to 
choose between chrome "disconnected" which is vendor default (perfectly reasonable) 
work mode of chrome to the more synchronized working mode a.k.a "Chrome Online". The 
online mode should be manually activated, thus disturbing with this option only users 
that understand what they are aiming at, and even them Chrome should prompt the user 
with a warning about the fact that personal data will be sent to [[Storage Service 
Provider]]*.

* I think that in order to preserve transparency this feature should be developed 
with an open API, where other users (Think corporate internal LAN's) could implement 
the storage back ends.

Labels: -area-unknown Area-Misc
Comment 8 by lea...@gmail.com, Oct 6 2008
I want this feature since Google Browser Sync was abandoned on Firefox 3.
Comment 9 by Deleted ...@, Oct 14 2008
+1 this is a must have feature !
Comment 10 by inet...@gmail.com, Nov 15 2008
 Issue 4781  has been merged into this issue.
+1 For now, i use chrome portable + dropbox to do this.
Comment 13 by jon@chromium.org, Feb 4 2009
Labels: -Area-Misc Area-BrowserUI Mstone-X
Status: Available
If you could get this in to Chrome, and if you get it working on Linux as well, then 
I would consider forgoing my firefox plugins and changing to Chrome across all my 
environments as my browser of preference.

If anyone at Google wants to make a list of 'killer features' to take on Firefox then 
this should be way up there on your list.
Comment 15 by Deleted ...@, Feb 11 2009
YES YES YES, 100% agree with hq4ever, I want this very very very much :-)
 Issue 9145  has been merged into this issue.
+1 it's the feature I love in Opera (Opera link).
Comment 18 by agl@chromium.org, Mar 27 2009
Labels: -Pri-2 Pri-3
Comment 19 by jecsh...@gmail.com, Apr 14 2009
So you wanted to bring back Google Browser Sync? That's great but that should be done 
by the developers in Google Toolbar, not Chrome.

Chrome should be not Google-centered web browser [similar with Android, which needs a 
Google account before signing in.] Hence, that should be done by plugin and not as 
fully implemented imho.

:D
I think this would be a great feature.
As long as it can be turned off.
Comment 21 by jmyo...@gmail.com, Apr 14 2009
Keeping in line with the open model of Chrome, it should be possible for a user to 
configure their own synchronization server if they choose.  Having the default server 
hosted by Google should be fine.  As already stated, this should be a (recommended?) 
plugin not a builtin feature since many people won't want it.

Similar to Mozilla Weave, the content on the server should be (optionally?) encrypted 
so that the server host cannot look at it even if they wanted to.

I haven't looked, but its possible that the plugin could share some code with Mozilla 
Weave which would allow users to sync settings across Firefox/Chrome which would make 
this an even MORE killer feature.
i think this would be a great idea, you know, without reading this i posted this on the 
chromium google group. i guess great minds think alike. fredbob3.blogspot.com
Hopefully someone can work on this feature for 2.1..more features are needed to 
attract and keep new users and to also keep current users.
Comment 24 by stols...@gmail.com, May 19 2009
I want Foxmarks (now Xmarks)! Seriously, that would rock.
I was coming in here to suggest a similar feature: The ability to auto-sync bookmarks
across several computers (an issue I run into daily). But really, "logging into" your
browser for auto-sync just makes sense. I could see it working with either your
existing Gmail account, or really any email address and password. I would have no
problem if all my bookmarks/settings were stored on Google's servers by default (and
the option to use your own server?). I already trust them with my email on their servers.

But really, the ability to open Chrome at work and get the exact same browser setup I
have at home would be bliss and I don't know why nobody has done this right yet.
Also, since all of Chrome's extensions (CRX files) will be hosted by Google anyways,
maybe that will make it easier to sync extensions too?

I currently started using Xmarks (formerly Foxmarks) in Firefox, but it was bloated
with extra unnecessary features and I'm currently trying to get away from Firefox.
Please remember, the simpler the better!
#25: Opera link?

Still, would be very nice to have it in chrome.
Comment 27 by Deleted ...@, Jul 21 2009
You could probably use the http://www.google.com/bookmarks feature.
Comment 28 by stols...@gmail.com, Jul 21 2009
@vishwanath.donti: Ehwow? Is that updated by Chrome?!

a) Where is it stated and explained that Chrome sends all my bookmarks to Google?
b) How do I control that?
c) How can I synch that to Firefox?!

Lots of questions here. At least with Foxmarks, I know what I have and get.
c) Use Google Toolbar to access Google Bookmarks (available for IE and FF [and more?])
Comment 30 by stols...@gmail.com, Jul 21 2009
.. that's really not a relevant option for me, and I believe the same goes for most 
people that ask for these features. We want foxmarks-functionality. Check out "dropbox" 
for similar functionality for files. Seamless is the key word. "Just fscking work!" is 
the key pharse.
 Issue 1397  has been merged into this issue.

Since  issue 1397  has been merged into this issue, the prioriy should be raised. Issue
1397 was Pri-2. Also, resolving  issue 1397  by implementing  issue 812  creates new
requirements:

- It must be possible to open more than one Chrome session at the same time on the
same machine, using different accounts. The accounts' web history, stored passwords
etc must be strictly separated from each other.
- It must be possible to open an 'empty' session with neither any web history nor any
stored passwords.

In addition, since  issue 1397  seems to be quite important to many people, I suggest
that a real target date is set for resolving this issue.

Comment 33 by stols...@gmail.com, Oct 21 2009
How on earth is it that  issue 1397  was merged into this issue? Aren't they 
fundamentally different?! This one asks for browser bookmarks synch, while the other 
one asks for a master password on the password store!!

They CAN possibly be solved together, as both require a password. However, that's 
pretty much the only link the two features have.

The Google Browser Synch did something like this - where everything was stored 
encrypted on google's servers. Google gained nothing for this - and it ended up a 
very crappy tool. Not like Xmarks, which is very good - because the company behind it 
gains from aggregating all the bookmarks throughout (and btw, they haven't gone for 
the password store - obviously). Seems fair to me. (With a switch, that is default 
off, to encrypt the passwords, the storing company would probably get a fair deal.)

I also think, as has been noted before, that the synch server should be configurable. 
Forcing this to google would be wrong for many companies etc.

Basically - I don't think that bookmarks and stored passwords necessarily are fit to 
be on stored the same server. I furthermore think that these two bugs should not be 
merged now - but the features could possibly be merged, configurably, at a later 
time.
Yes, they are fundamentally different.

A master password is about protecting the locally stored passwords in a real life 
situation.

Browser sync is about storing your browser data (not just passwords) online.

If this is google's implementation of a master password, I can expect a lot of dissatisfied customers, myself being one of them.
(for my first statment see the design doc for master passwords, 
http://docs.google.com/Doc?id=dhn2skdg_1fwvbb3cb this shows the reasons that it should 
be implemented. Which are completely different to why this feature should be 
implemented)
Summary: Profile/login support (was: NULL)
This bug is about implementing the ability to "log in" to the browser.  One potential 
ramification of that is that the login could be used to sync data between remote 
instances.  Another is that the login could be used to protect local data.

This bug implies support for a "guest"/non-login account in addition to the other 
account(s).

This bug may also cover the following additions:
* Auto-login support a la Google Talk, for users who don't wish to type passwords on 
every launch
* Securing the password store with the login password, a la a "master password"

Note that when you combine the above two bullets, you get an equivalent to a "master 
password" w.r.t. the ability to view stored passwords, which is the primary use case 
posited by those who want a master password.  You can also turn off auto-login and 
use the "guest" account for untrusted users of your machine if you need to prevent 
people from using your passwords at all (e.g. for sites where you're logged in via a 
cookie).
Further note: Syncing certain kinds of data is already going in separately from this 
bug.  For example, bookmark sync is a Chrome 4 feature.  This bug covers a particular 
UI implementation of profile support on the client side.
thank you pk, i absolutly agree with your view finally, thanks for listening to users 
and finally clear your intentions. I hope this can land soon, hopefully in mstone4. 
thanks again!
Hi all,

I understand that there are a lot of people who would like to this feature, and get a
good sense for what the needs are from reading this detailed thread.

This being said, I want to set expectations: multiple profile support is something
we're looking into, but we won't implement it unless we come up with a UI we're
really happy with. I'm hopeful this will happen, but I don't know for sure.

It definitely won't happen for mstone4, as our first priority is shipping bookmark
sync. I'll update this bug when we have more progress on this.

-Nick
 Issue 26681  has been merged into this issue.
 Issue 9199  has been merged into this issue.
Using the firefox master password I am able to migrate saved passwords between profiles 
(windows and linux), by copying the signons3.txt (now changed to signons.sqlite) and 
key3.db to the new profile. I could then access my saved passwords on the new machine 
or OS (using the same master password). This has proved to be very convenient. The only 
improvement I could want would be keeping the encrypted passwords on-line in my google 
account (only decrypted in the browser). In this way, newly added passwords / sites 
would be available to all my browser profiles on different machines / OS.
Comment 43 by Deleted ...@, Nov 6 2009
To Gregor Larson: on Firefox you have Weave to do just that, synchronise passwords
(and more) with all your browsers. Though, this topic is about Chrome.

To all, especially Chrome devs: the login feature should allow decrypting the saved
passwords (just like the 'Master password' on Firefox) but there *MUST* be a way to
timeout the sessions IMHO, that is to wipe the session after xx minutes, or
hibernate/suspend/switch user etc. This has to be configurable and activable/deactivable.
@sforestier that is the way it is with the current Bookmarks Sync, which this feature 
is based on.
The sessions ends after a while and you need to re-login. Right, it does not happen 
after a few hours, but after a few days, but still.
I guess you will have the option to configure that, for increased security.
I know some users do not want to be bothered by being asked for the credentials over 
and over again (like me, once is definitely enough), but some do.
My personal complaint was limited to the ability to go to the options menu and access 
all of the passwords. At the bare minimum, I think it prudent to require the user to 
enter a master password to be able to view the passwords. An alternative would be: Just 
don't show the passwords in the options menu. Only show stars, or any mask.
if this one will be fixed it would be epical for browsers history!

- you logon and you have:
your theme;
your extensions;
your bookmarks;
your NTP;
your stored account/passwords.

so you can access to YOUR browser everywhere! no more problems beeing in another 
house, accessing the network from another pc. if you will support this... you'll 
change what a browser is!! think about it... ;)
I think stored accounts/passwords really need special handling. If you think about
it, passwords are the most sensitive information most users handle on a day-to-day
basis. Because of the exposure and risk a list of accounts and passwords represent,
they deserve an extra layer of protection against disclosure and loss. The reason
stand-alone password-safes are popular is because they allow users (who are not IT
professionals) control their data. The master password from firefox provided a
similar level of control. Even if the computer, or a backup of the computer, was
stolen, the master password, like the password to their password-safe, will protect
their sensitive information.

As far as protecting the password-safe with their regular login password, this is
problematic. There are some instances were regular login passwords are disclosed or
reset which would result in the disclosure or loss of the password-safe. If the
trusted IT person needs my login password to fix something, he will probably get it
(I will just reset it before / after he is done). If asked for their password-safe or
Master Password, that would raise the suspicion of most users.

Again, this is not about computer science and technical feasibility of protecting
data with the login password. It is about creating a mechanism that *is* safe and
with which the average user can understand and *feel* safe and in-control.
In regards to this particular line in Gregor Larson's post:
"It is about creating a mechanism that *is* safe and with which the average user can 
understand and *feel* safe and in-control."

Whilst I'm not disputing that security measures need to be put in place, a false 
sense of security is just as dangerous as no security in a lot of situations.

Users need to understand both the benifits, and the dangers, of saving their 
passwords locally. It's not about making them FEEL safe. It's about trying to keep 
them as safe as possible, whilst still informing them of the danger so they can make 
an informed decision.
The truth of the matter is that security is not binary (on or off) there are many 
levels. I suggest we take a step back from digital security and looking at physical 
home security.

It is well known that locking your door is not enough to keep anyone from entering 
through that doorway. The door may always be broke down with brute force and a more 
skilled individual may be able to pick the lock. Even with this knowledge, and with 
stronger security measures in place, I still lock my door because I know there are 
those who are relatively trusted and allowed past the stronger defenses, but would 
consider an unlocked door an invitation to enter an area they normally would not. 
Thus, while still a form of security, the lock is only meant as a stern suggestion to 
turn away. (Just think of the lock on a household's bathroom door.)

While a master password does not truly secure the data it protects, I want a password 
vault without a master password as much as I want a front door without a lock. I do 
understand the feeling that providing a master password may be misleading, but it is 
not useless. I would ask that a master password be provided for the password vault 
regardless of whether there was some prior login. Add a disclaimer if you feel you 
must, but please provide the option.
Securing the passwords with a master password is stupid and useless.
It has nothing to do with locking the front door. Your firewall/antivirus/OS Securety 
is the front door of your house.
Is someone just broke down a 10 inch steel door they wont stop at a locked filing 
cabinet :-)

50th comment forced me to comment first time in this thread, by making most stupid 
comment on this thread. Do you mean to say every other password is also useless? 10 
inch steel door has nothing to do with a password protected profile. It is just like 
any other password protected software, and it has meaning.
If i have access to your computer all the password protected files in the world wont 
save you. The first time you use a password in your browser (and thus type the master 
password) i have access to all your password.
Any virus / spyware / mallware can do this
A master password in a browser is giving stupid users a stupid and false sense of 
securety. Nothing else.

Password porotecting and encrypting files can be very useful for preventing data 
theft if someone physically steals your computer or usb key.
A password protected file still provides some securety on a compromised system, as 
long as you dont use it (type the password).
But password protecting browser passwords is utterly useless. You would end up typing 
that password several times every day and if your system was ever got compromised the 
password would provide no protection at all.
Comment 53 by estma...@gmail.com, Nov 10 2009
Obviously if your system is compromised then no passwords are going to save you, but I don't think the 
master password is meant for that. It's supposed to keep my passwords safe from the casual user who 
has access to my computer but has no bad intentions. I have no problem sharing my computer with my 
friends, but I don't want them to be able to see my passwords with two mouse clicks. 
#53 makes a good point: For me, too, it's about someone browsing through the Chrome 
menus and "accidently" seeing my passwords in plain text; not so much about perfect 
security in case the computer is lost or stolen. (Anyway, the file IS encrypted 
already if I understand the discussion correctly. And resetting the Windows user 
account password from outside of windows makes encrypted files inaccessible, as far 
as I know.)

Scenario: My laptop is being used as a jukebox on a party. No one knows my windows-
password, because I logon myself. However, several people shall be able to adapt the 
playlist, so locking the system is no option. People with bad/funny intentions 
should not be able to see passwords with only a few clicks. I don't care too much if 
someone wants to read my mail or to logon to facebook as me, because the damage one 
can do there is limited - especially in a situation where you don't have infinite 
time. But knowing my plaintext passwords allows someone to read my mail continously 
without me knowing it, or even change my password and making me lose access to my 
mail. And gettig the password is easy at the moment, 4 or 5 clicks in the menu, 
pretending you are looking for cookie options (which is only 1 click away) in case 
you are caught in action.

What about this: Leave everything as it is, but make the user need to enter his 
Windows password in order to view all passwords in plain text (or delete them). 
Autologin to websites using stored passwords should still work without any entering 
of passwords.

Advantages:
- no bothering in normal surfing
- no Chrome-internal password management necessary
- no additional password to remember for the user
- harder for keyloggers to record the password, as it is typed in very rarely (who 
NEEDS to view his passwords in plain text on a regular basis, anyway?)
- no false sense of security: People either won't notice that their passwords are 
encrypted and protected (because they are never asked for a password at Chrome 
installation), or they know it's only protected by their Windows password. People 
SHOULD know better than to give other people their Windows password. Especially 
since on Windows 7, the Users' folders are auto-shared within a private network, and 
accessible with the user account's password.

Disadvantages:
- I don't see any, compared to the current situation.
I have a better idea - when you want to share your computer, have them use the Guest account... It 
saves you from all these hassles.
I'm surprised this is even being discussed as I feel it is a near-necessary feature. Just use the 
Windows password as a default master password, or if they have none, let them specify. Or just make 
password saving an option they must manually enable.

Personally, I wasn't even aware you could see my passwords in plain text, and sometimes I let others 
use my computer real quick--and this just scared me. The only option for me was to disable password 
saving, delete them all, and just let the cookies do the work. I'm fine with that, but I think a 
"Master Password" would be a better solution.
Comment 57 by jaysc...@gmail.com, Nov 11 2009
Comment 50's author needs to read up on the concept of a password safe. Using a master 
password to secure multiple passwords isn't "useless" or "stupid". It combines the 
security of a unique (preferably machine-generated) password for each online account 
with the convenience of only having to remember one password.
 Issue 29877  has been merged into this issue.
I want master password too... Those who don't want please need not comment. Chrome is
so cool to use but I have to switch to firefox now & then when I can't remember the
password for a particular forum. For virus & malware attacks we have good antivirus
programs.
I am really  tired of this talk... Some people want masterpasword, some people say is 
useless. What about make it optional and stop all this nonsense talk? For me would be a 
step ahead. Also must find a way not to receive news on this issue. Is boring that in 
one year is just kindergarten talk (good for me... no you are stupid, is no good...).
Best Regards.
Comment 61 by stols...@gmail.com, Dec 10 2009
People saying a master password is useless have NO CLUE WHATSOEVER about security. 
NONE. It's that simple. Please just shut the fuck up already, will you?

Make it optional - this is how Firefox behaves, is it not? (If you have blank 
password, it is "off").

Encrypt the passwords on disk using some nice algorithm employing only the password 
as key. If you loose your password, you're fscked - unless it was simple, in which 
case you can feasibly brute force it. Get some actual crypto-folks on this, helping 
out with the intricacies, of which there are many.
Comment 62 by Deleted ...@, Dec 10 2009
A master password is nice, but I don't think it's *necessary*.  Nor do I think that 
people who believe it isn't necessary are clueless.

You are already logged into the machine and have already authenticated.  Adding another 
layer of security to that security is largely redundant, given the passwords are stored 
encrypted using a hash based on the current user's credentials.  

This simplifies the system and allows users to use password recovery techniques that 
are well known and built-in to the various OSes they are using currently.  
Reimplementing the various pieces that are already available in their native flavors on 
each OS in the browser itself is just additional risk and bloat.

As an aside, this conversation is valuable otherwise it wouldn't be discussed.  You 
should be careful to say that parts of it are not valuable... it's all valuable :)
@stolsvik: Please keep a civil tone.  There's no need for personal attacks or foul
language.
Comment 64 by stols...@gmail.com, Dec 10 2009
Read all the comments above. It has been argued THOROUGHLY why such a second layer of 
security is very much in demand. I don't understand why one whine more about it.

All arguments have been presented. It is silly to keep this open. I'm very fed up by 
the people arguing against 100% valid points with points that I, personally, feel is 
utter BS.

If the @chromium'ers WILL NOT DO THIS, optional or not, then just tell us and close 
this damn issue already. And then we, that are waiting for it, will have to decide 
whether we feel this browser is secure enough or not - and then consider other 
browsers, or hopefully someone will step up and fork a secure version of this 
otherwise nice browser! :-)
Comment 65 by estma...@gmail.com, Dec 10 2009
Comment 39 states that they'll look at implementing this only if they get a good ui, 
and that they have other features as a priority.

The problem, to me, is that they've merged what are actually two separate issues. One 
is support for multiple profiles (which is the original issue) and the other is a 
master password (about 4 requests for that have been merged with this issue). The 
last 15 or so comments are all talking specifically about the master password with no 
mention of profiles. I for one have no need/desire for multiple profiles in my 
browser. I don't use them in Firefox and I wouldn't use them in Chrome. I do very 
much want a master password though.

I understand that implementing the profile feature could also take care of the master 
password concern, but to me the master password should have a much higher priority. 
It should be implemented regardless of when/if profile support is added. I'm not 
saying there aren't any, but I can't think of any other program that lets you view 
passwords in plain text without some sort of authentication (or at least the option).
Roaming profile (bookmarks, etc.) is cool - you can save this under your google 
account - so no need for "master password" here...

Also, in my opinion, I don't see the point of having "other passwords" if you need a 
"master password"... Use the same password then for your forums or whatever else... 
or use cookies instead...

I don't believe in "saving password" anyways so if you do, why do you need an extra 
one?
Everybody knows what happened with "the one to rule them all" :-)

Cheers
Comment 67 by stols...@gmail.com, Dec 11 2009
Incredible. Just incredible. And one have to argue against such complete brilliance?

In other news, I wholeheartedly agree with @esmatic at comment #65: I indeed argued 
against the mangling together of these two rather unrelated features at comment #33, to 
no avail.
Comment 68 by estma...@gmail.com, Dec 15 2009
At least the mac version uses OSX's built-in keychain for stored passwords. You have to 
authenticate before it'll show you the password in plain text.
@64: A master password was  issue 1397 .  That issue is closed.  We will not implement 
a master password.  Not now, not ever.  Arguing for it won't make it happen.  "A 
bunch of people would like it" won't make it happen.  Our design decisions are not 
democratic.  You cannot always have what you want.  (Not that swearing at people and 
denigrating anyone who disagrees with you would help your case any, either...)

This bug is about doing other things which may address the same use cases.  If you 
are unsatisfied with that, you are free to use Chrome extensions that keep a 
protected, cloud-based password store, or to use Firefox.  But stop trying to hijack 
this bug to be about master passwords.  We closed  issue 1397  for a reason, not to 
have the discussion migrate to here.  Don't make us lock the bug to further comments 
or delete all the off-topic ones above.
Comment 70 by stols...@gmail.com, Dec 18 2009
@pkasting: You were the exact one that ***merged***  issue 1397  into this issue. Don't 
you come arguing here with "that issue is closed", because that is complete and utter 
BS - you *merged* it into this issue. Several people found that not very helpful (aka 
"absurd"), but *you* were the one that did it.

"Comment 31 by pkasting@chromium.org, Oct 20, 2009
  Issue 1397   has been merged into this issue."

However, if you say that Google/Chrome/Chromium will never have a *master password 
for the password store*, then that is fully okay with *me*, I'll just have to factor 
it into my use of this browser.

I really have no idea what this issue is about, so I'll just get the fuck outta here.
Staff, what are the extensions?
Stop troubling!

If engineers Chrome don't want to work it, do extensions.
This also serves to  Issue 8022 .
@pkasting
This is same attitude like Apple and Microsoft. You are write, this is not democracy.  This is the way of Google... walk with us of shut up.

I want to unsubscribe from this thread since I didn't subscribe to this - you subscribe me without even asking . You say people try to hijack this bug to be about master passwords. If you are so clever, when you merge   
   Issue 1397    into this one, why didn't you give people possibility to subscribe or unsubscribe to the new Issue? I see no unsubscribe option, I just find myself waiting news on master-password then you dictatorial 
comment . Maybe this is also no democracy, once in , no way out.... 

Comment 73 Deleted
For people who want chrome master-password, seems that you can give your suggestion here http://www.google.com/support/chrome/bin/static.py?page=suggestions.cs&issue=107378&bucket=15652
If we are enough suggesting, maybe some day will be implemented. So this falls from bug-issue category to suggestion category.
@70: Yes,  issue 1397  was merged in precisely because, as I said above, "This bug is 
about doing other things which may address the same use cases."

@72: Click the little star near the top of the page by " Issue 812 " to turn it off, and 
stop receiving mails.
thanks... 
I don't want dictatorship too so I log off from this issue. Thanks pkasting.
Comment 78 by stols...@gmail.com, Dec 18 2009
@pkasting: Moron. Bye.
Comment 79 by oritm@chromium.org, Dec 18 2009
Labels: -Area-BrowserUI Area-UI-Features
Area-UI-Features label replaces Area-BrowserUI label
Comment 80 by Deleted ...@, Jan 4 2010
i bet if the media jumped on this master password issue, they would implement it in a 
day...

heres another thought... lets try get in the google offices and get their passwords... 

again, after that, master password would be implemented in a day...


 Issue 33355  has been merged into this issue.
@69: since you seem to be a really smart guy, have you ever tried to think to what 
could happen if, say in three months from now, a bug is discovered in Chrome that 
allows an attacker to remotely retrieve the content of a local file ?

This is only one of the (many) possible scenarios where a master password, stupid as a 
security measure as it surely is, can help saving your life. So, why can't you put off 
your pride for a second and try to understand what people is trying to tell you ? 
Comment 83 by dhw@chromium.org, Feb 1 2010
 Issue 33999  has been merged into this issue.
I really don't see why 'Master password' issue was merged with this one, but that 
could just be me.

Since that issue has been closed, I'll post my comment here also.


I don't see why there should be so much fuss about this issue. Just implement the 
damn master password and 
those who want it can use it and those who don't care won't use it. 

It can't be that simple to view someone's stored passwords, just clicking a button! 
And it's at plain sight 
on Chrome's options!

We're not asking for much here (at least not me) Just a simple master password to 
make it a bit more 
difficult for person X using my PC to see all my stored passwords. Of course there 
are ways to circumvent 
this, just as there are ways to circumvent a lock on someone's door. That doesn't 
mean we shouldn't use 
locks!!

I just can't believe this issue hasn't been addressed yet.
Because chrome os will have similar feature, which is to load all your data with a 
single login.

Just wait until they worked out this feature on chrome os. it'll be here soon 
afterward.
Comment 86 by dav3m...@gmail.com, Feb 13 2010
Like gabrielperren (comment 84) I too see no reason to confuse the very 
straightforward "master password" feature with this one.

When at home, I log in on my laptop as local admin (using a default company 
password). When at work, I log in using my domain login & password.

Other family members use this PC for browsing (only) - requesting that I create a 
separate user account for each family member is unrealistic and would be a huge step 
backwards in speed terms for multiple people using the same PC for browsing.

Will whoever the security tit in Google is get off their high horse and just 
implement the friggin feature. Excuse the anger - but not implementing this is 
inexcusable.

This *can* be done easily and securely:

1. Enforce a complex password (>=8, upper+lower+digits+puct)
2. Use the password as the basis of a 256-bit AES key
[E.g. SHA-256 hash a combo of the user password with logged in username and 
computername]
3. Use this key to encrypt a hash of the password (for verification of master PW).
4. Use this key to encrypt the passwords before storing in the OS crypto mechanism.
5. Provide options to:
a. Prompt for master password every time it could be used
b. Time-out master password after xx minutes

I installed and evaluated Google Chrome today for the first time. I'm very impressed 
with UI and performance. However, I will be uninstalling and going back to Firefox 
(maybe I'll have a quick look at Opera).

I'll come back once Master Password is implemented.

All the best.

Dave

Comment 87 by grin...@gmail.com, Feb 17 2010
Opera does use master pw and times it out properly. Actually better than FF.
Labels: -Area-UI-Features Area-UI
guys, just use lastpass 
(https://chrome.google.com/extensions/detail/hdokiejnpimakedhajhdlcegeplioahd?hl=de) 
or any other similar extension for chrome and stop hijacking the thread please..
Chrome already save our bookmarks in our Google account... If the dev-team is ok, it 
would be an interessant feature...

If not, a plugin will be good too... ^^
Comment 92 by grin...@gmail.com, Feb 18 2010
re Comment #90: No. Their unaudited hidden code stores your credentials on their 
servers. Maybe encrypted. Maybe not even decryptable by them. This method is as 
trusted as the company is. Not at all, that is. 

All this about is to store passwords locally, encrypted, using strong master pw, and 
timeout it properly. Extension or not. But as any encryption sane people would use it 
have to have open source to review. (Or you could use "wonder" and "ultimate" 
solutions from any windows shareware collection using XOR. :-D)
Comment 93 Deleted
Comment 94 by grin...@gmail.com, Mar 1 2010
By the was it's been nice to have  Issue 53  and  Issue 1397  closed, but just as a 
sidenote they are still accumulating comments. And it seems to be pretty hard to 
track what is happening master-password-wise around. 

I mentioned in  Issue 53  (among the lack of results of the debate) FireFox and its 
FIPS mode, which uses master password while keeping FIPS vertification, which means 
it's possible to have gov't grade security with MP. Ignoring that isn't constructive 
in this debate (though why do we have to debate that is beyond me). 

I'm not familiar with internals, but master password seem to be consisting of:
- implementing [strong] encryption module to encrypt password site data and password 
data
- implementing its saving and retrieval
- implementing master password interface (and preventing deadlocks between 
threads/tasks of chromium requesting it)
- implementing master pw expiration

Of course I see there are many small issues (like trying master pw not to enter swap 
and other files) but many of those can be peeked at firefox's implementation as a 
cheat sheet. 

But yes, I have to repeat that I wouldn't save _any_ credentials in Chromium/Chrome 
unless it's encrypted with password, which means basically not using it seriously.
Comment 95 by grin...@gmail.com, Mar 1 2010
By the way (um, seems I don't really trust to change the flow of events here, so just 
thinking aloud)  Issue 25404  (encrypting passwords),  Issue 31087  (enable FIPS), Issue 
8205 (password manager) and  Issue 12351  (password management) is related as well.  
Probably even more I didn't notice.
Comment 96 by grin...@gmail.com, Mar 1 2010
Wouldn't it be just nice to *reopen* master password issue and handle these 
separately, by the way? 
 Issue 37282  has been merged into this issue.
Just to illustrate this issue. I had just converted my friend to using google chrome 
because it is faster. Last week, a group of friends (including myself) were in her 
room, she went to get a drink, logging out of facebook before leaving, however we 
just hit refresh to have the password field filled out for us. Her facebook details 
were edited within about three seconds of leaving the room.

She is now using firefox again.

I know that this problem really doesn't affect the developers as they see it as a 
'theoretical' security risk, due to the problems implementing storage for saved 
passwords. However the current system is a 'real life' security risk, and a lot 
easier to bypass in real life and therefore a lot less secure!

When will developers realise that this is something that people actually look for in 
a browser! People look for functions like this above speed and a nice UI! You must 
have access to some market research in this field?

Best regards, Philip Bembridge
In response to the person commenting that we should just use lastpass; this is third 
party code which hasn't been reviewed, tested and it still stores your passwords on a 
central database.
From now on comments by non-members will not trigger notification emails to users who 
starred this issue.
@philipbe...@gmail.com - you are talking about a whole other issue. File a new issue for it.
Comment 102 Deleted
Since currently the passwords are encrypted with the windows credentials, does that 
mean there is no way to recover the list and export if the windows crashes and needs to 
be reinstalled?
 Issue 40314  has been merged into this issue.
Please implement a master password system. I'm thinking about writing a few articles on 
this issue and the general response/comments made by chromium developers along with the 
dismissal of the views of their users etc.
 Issue 42083  has been merged into this issue.
Comment 107 by risc...@gmail.com, Apr 21 2010
I'm still waiting for better protection on Chrome Internet & OS in such way it does 
not store unencrypted banking details or account (ebay/paypal for example) within 
history or stored password manager section. I have previously proposed to encrypt the 
password manager, only accessible by admin or parent, this avoid other too smart kids 
to buy XBox without informing parent(!). It seem they preferred to talk talk talk and 
do nothing do far.
I cannot turn off the password as it is needed to access so many website requiring 
user logon.
 

Comment 108 Deleted
Comment 109 Deleted
Comment 110 Deleted
 Issue 45523  has been merged into this issue.
Comment 112 Deleted
Comment 113 Deleted
Comment 114 Deleted
Comment 115 Deleted
On a software discussion group I moderate, a number of people have indicated that they won't use Chrome or Chromium due to its lack of a master password to protect stored passwords. Their lack of use of the browser means they won't participate in bug reports, so I thought I would add their objections here myself.
Comment 117 Deleted
Since there is no tool for us to see how many of us need this master-password must-have implementation, I have created a blog with one pool regarding explicitly this issue. Please vote pro or contra implementing master password in Chrome.
http://securemybrowser.blogspot.com/
It is indeed way to easy now to view someones saved passwords. If you leave your computer alone for just one minute, someone could easily write down your passwords and log in to all your accounts at their own computer. With a master password they can only log in at your saved sites in the one minute you are gone, and not at their own computer.
Although this doesn't provide maximum security, it increases it a lot.
Chromium don't hide the stored passwords in the option panel !!! Why encrypt passwords on the hard drive ?

My solution :
It's not mandatory to put the possibility to show them. Just show the url and login only in this panel. Don't forget in every site there is a password recovery link !

In the current context if someone use my pc he can see all my passwords without install some keyloggers or specifiq programs !!! It's very dangerous for our privacy !

So if Chromium mustn't have Master Password, please you should to hide them ! I think  it's the best answer to resolve this problem !

I like chromium but this problem is a Master Problem !!!!!

:)
BUMP from  issue 9199 : 
Does the "Mergedinto: 812" [for 9199] mean that resolving 812 will provide a way to legitimately migrate saved passwords onto a new machine under same user's control, and onto a fresh installation of OS on the same old machine?
In case this helps, it seems like you can configure (enable or disable) the "Show passwords" button from the registry.
For more information, see this page -
http://dev.chromium.org/administrators/policy-list-3#PasswordManagerAllowShowPasswords
Comment 123 Deleted
Thanks phist...@chromium.org ! I will test this when I will come back home
Comment 125 by Deleted ...@, Nov 14 2010
I think Google just wants to control all of the accounts of user, just like facebook won't give access to parts of the facebook graph. Google does not want someone having control over all the "accounts" of a user. In Web 3.0, accounts are the centerpoint of linking a user to multiple account points. Hence, the functionality is disabled. If you use firefox, Google has an exclusive agreement with mozilla. If you want to reset your master password, you have to type: chrome://pippki/content/resetpassword.xu   interesting if you ask me. 

This is just my take. I vote yes, with some sort of security restrictions.
Comment 127 Deleted
Comment 128 Deleted
Comment 129 Deleted
Comment 130 by lea...@gmail.com, Mar 4 2011
#125 If it's a concern to you, just don't configure it.
Mergedinto: 60105
Status: Duplicate
Project Member Comment 132 by bugdroid1@chromium.org, Oct 13 2012
Labels: Restrict-AddIssueComment-Commit
Mergedinto: chromium:60105
This issue has been closed for some time. No one will pay attention to new comments.
If you are seeing this bug or have new data, please click New Issue to start a new bug.
Project Member Comment 133 by bugdroid1@chromium.org, Mar 11 2013
Labels: -Area-UI Cr-UI
Sign in to add a comment