Issue metadata
Sign in to add a comment
|
Anybody can see passwords of different websites used a chrome user
Reported by
ramandee...@gmail.com,
Jul 27
|
||||||||||||||||||
Issue descriptionUserAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36 Steps to reproduce the problem: 1. Go to Advanced option in Chrome settings 2. Click on Manage passwords 3. Click on eye to see User password of any website What is the expected behavior? When an unauthorized person follows above given steps, Windows will ask for windows password but if windows doesnt have any password or it is a shared pc/laptop then the unauthorized person can see passwords of a user's passwords of all different website. One of these passwords may belong to his Bank Account password which may further be used for illegal activities. What went wrong? When an unauthorized person follows above given steps, Windows will ask for windows password but if windows doesnt have any password or it is a shared pc/laptop then the unauthorized person can see passwords of a user's passwords of all different website. One of these passwords may belong to his Bank Account password which may further be used for illegal activities. A user normally gives his windows password to less known persons for using there laptop temporarily. Did this work before? Yes Chrome version: 67.0.3396.99 Channel: n/a OS Version: 10.0 Flash Version: There should not be any option of showing password. Either there is option of deleting password or modifying password(without showing previous password or after some authentication)
,
Nov 3
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot |
|||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||
Comment 1 by mbarbe...@chromium.org
, Jul 27