Issue 868494

Starred by 1 user

Issue metadata

Status: WontFix
Owner: ----
Closed: Jul 27
EstimatedDays: ----
NextAction: ----
OS: Windows
Pri: 2
Type: Bug-Security




Anybody can see passwords of different websites used by a Chrome user

Reported by ramandee...@gmail.com, Jul 27

Issue description

UserAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36

Steps to reproduce the problem:
1. Go to Advanced option in Chrome settings
2. Click on Manage passwords
3. Click on eye to see User password of any website

What is the expected behavior?
When an unauthorized person follows the steps given above, Windows will ask for the Windows password, but if Windows doesn't have any password or it is a shared PC/laptop, then the unauthorized person can see a user's passwords for all the different websites. One of these passwords may be his bank account password, which may further be used for illegal activities.

What went wrong?
When an unauthorized person follows the steps given above, Windows will ask for the Windows password, but if Windows doesn't have any password or it is a shared PC/laptop, then the unauthorized person can see a user's passwords for all the different websites. One of these passwords may be his bank account password, which may further be used for illegal activities.
A user normally gives his Windows password to lesser-known persons for using their laptop temporarily.

Did this work before? Yes 

Chrome version: 67.0.3396.99  Channel: n/a
OS Version: 10.0
Flash Version: 

There should not be any option of showing the password. Either there should be an option of deleting the password or modifying the password (without showing the previous password or after some authentication).
 
Status: WontFix (was: Unconfirmed)
There's not much Chrome can do to defend against an attacker with access to an unprotected operating system user account. You can read more about how Chrome stores passwords and why we don't consider physically local attacks to be vulnerabilities in our FAQ here: https://chromium.googlesource.com/chromium/src/+/master/docs/security/faq.md
Project Member

Comment 2 by sheriffbot@chromium.org, Nov 3

Labels: -Restrict-View-SecurityTeam allpublic
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
