• Chrome Browser memory stores passwords in plain text

    Home » Forums » AskWoody support » Questions: Browsers and desktop software » Updates for browsers, apps and add-ins » Chrome Browser memory stores passwords in plain text

    Author
    Topic
    geekdom
    AskWoody_MVP
    June 12, 2022 at 1:46 pm #2452884
    Options

    Born’s Tech and Windows World information is here:

    https://borncity.com/win/2022/06/12/chrome-speichert-passwrter-im-speicher-im-klartext/#more-24837

    Following a link from above:

    https://www.cyberark.com/resources/threat-research-blog/extracting-clear-text-credentials-directly-from-chromium-s-memory

    “Similar weaknesses were seen in the Microsoft Edge browser…”

    It’s probably best not to store your passwords on your browser. There are further implications some of which are related to sensitive cookies.

    On permanent hiatus {with backup and coffee}
    offlineâ–¸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
    offlineâ–¸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
    onlineâ–¸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender
    • This topic was modified 1 year, 5 months ago by geekdom.
    1 user thanked author for this post.
    jburk07
    Reply | Quote
    Viewing 3 reply threads
    Author
    Replies
    • Ascaris
      AskWoody MVP
      June 12, 2022 at 2:55 pm #2452916
      Options

      Google has refused to fix this for years. I may be pushed into it by Firefox’s slow-motion self-immolation, but for now my general preference seems to work: Don’t use browsers based on Chromium.

      Dell XPS 13/9310, i5-1135G7/16GB, KDE Neon
      XPG Xenia 15, i7-9750H/32GB & GTX1660ti, KDE Neon
      Acer Swift Go 14, i5-1335U/16GB, KDE Neon (and Win 11)

      Reply | Quote
    • oldfry
      AskWoody Plus
      June 12, 2022 at 3:02 pm #2452918
      Options

      Windows 10 22H2 desktops & laptops on Dell, HP, ASUS; No servers, no domain.

      3 users thanked author for this post.
      KP, OscarCP, geekdom
      Reply | Quote
    • Sueska
      AskWoody Plus
      June 13, 2022 at 1:23 pm #2453128
      Options

      I read the articles, but still have a question.
      Can someone clarify if this vulnerability is only for passwords stored in the browser or if the vulnerability exists for username and passwords typed directly into a website? Thank you

      Reply | Quote
    • Sueska
      AskWoody Plus
      June 13, 2022 at 5:10 pm #2453176
      Options

      Alex, Thank you for responding, however what you quoted is what I already read in the article. To me it is unclear. Does the following statement that you quoted “Credential data (URL/username/password) is stored in Chrome’s memory in clear-text format.” refer to data manually typed directly into a website? Please answer yes or no. Thank you.

      Reply | Quote
    Viewing 3 reply threads
    Reply To: Chrome Browser memory stores passwords in plain text

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information:




DON'T MISS OUT!
Subscribe to the Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • How to use the Forums
  • All Forums

    • Recent Topics

    December 2023
    S M T W T F S
     12
    3456789
    10111213141516
    17181920212223
    24252627282930
    31  

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2023 by AskWoody Tech LLC. All Rights Reserved.