1. Home >
  2. Internet & Security

Google Planning More Security for Chrome OS Saved Passwords

Google failed to implement a rather simple security measure to protect your passwords from snooping. That could change in an upcoming Chrome OS release, though.
By Ryan Whitwam
chromebook
Google likes to talk a big game when it comes to security on Chrome OS, and it's true that there isn't as much to go wrong in Chrome. However, that doesn't mean it's perfect. In fact, Google failed to implement a rather simple security measure to protect your passwords from snooping(Opens in a new window). That could change in an upcoming Chrome OS release, though. It turns out that Google's Chrome OS doesn't enforce any sort of authentication when viewing your saved passwords. If you're using Chrome (or any other modern browser) on Windows or Mac OS, you can see how this is supposed to work. You open the browser settings, check your saved logins, and click to see the passwords. Windows prompts you for your Microsoft account details. On a Mac, it's your Apple ID. In either case, it's much more difficult for a third-party to snoop on your passwords. Once you're logged into a ChromebookSEEAMAZON_ET_135 See Amazon ET commerce(Opens in a new window), the entire user-accessible system is open to whoever is physically touching the computer. Chrome does have additional limitations at the system level that prevent many of the hacks we see on other platforms. Google keeps most system components locked down unless you activate the hidden developer mode. That means you can reset the entire system and restore your cloud data in a few minutes if something goes wrong. Still, your passwords are just there for anyone with hands to peruse. The lock screen dialog being re-purposed for password security. A Google employee added a bug report to the Chromium project last month asking for an added layer of password security. The Chromium team replied several days ago to say the feature was in the works. You can even follow progress yourself via the open-source Chromium code(Opens in a new window). The developers are using the lock screen authentication framework for keeping passwords secure. In the future, Chrome OS will pop up a login box when you try to reveal one of the saved passwords in the browser. You'll have to enter your Google credentials in order to view those passwords. This change is still very early in the development process -- it's not even in the experimental Canary build yet. It still needs to filter down through the developer, beta, and finally stable channels before it's an official feature. We're looking at several months at least. In the meantime, don't leave your logged-in Chromebook sitting around for someone to grab. Now read:

Tagged In

Chrome Security Chromebooks Passwords Chrome Os

More from Internet & Security

Subscribe Today to get the latest ExtremeTech news delivered right to your inbox.
This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of use(Opens in a new window) and Privacy Policy. You may unsubscribe from the newsletter at any time.
Thanks for Signing Up