• Chrome Browser memory stores passwords in plain text

    Home » Forums » AskWoody support » Questions: Browsers and desktop software » Updates for browsers, apps and add-ins » Chrome Browser memory stores passwords in plain text

    Author
    Topic
    #2452884

    Born’s Tech and Windows World information is here:

    https://borncity.com/win/2022/06/12/chrome-speichert-passwrter-im-speicher-im-klartext/#more-24837

    Following a link from above:

    https://www.cyberark.com/resources/threat-research-blog/extracting-clear-text-credentials-directly-from-chromium-s-memory

    “Similar weaknesses were seen in the Microsoft Edge browser…”

    It’s probably best not to store your passwords on your browser. There are further implications some of which are related to sensitive cookies.

    On permanent hiatus {with backup and coffee}
    offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
    offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
    online▸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender
    • This topic was modified 1 year, 5 months ago by geekdom.
    1 user thanked author for this post.
    Viewing 3 reply threads
    Author
    Replies
    • #2452916

      Google has refused to fix this for years. I may be pushed into it by Firefox’s slow-motion self-immolation, but for now my general preference seems to work: Don’t use browsers based on Chromium.

      Dell XPS 13/9310, i5-1135G7/16GB, KDE Neon
      XPG Xenia 15, i7-9750H/32GB & GTX1660ti, KDE Neon
      Acer Swift Go 14, i5-1335U/16GB, KDE Neon (and Win 11)

    • #2452918

      Windows 10 22H2 desktops & laptops on Dell, HP, ASUS; No servers, no domain.

      3 users thanked author for this post.
    • #2453128

      I read the articles, but still have a question.
      Can someone clarify if this vulnerability is only for passwords stored in the browser or if the vulnerability exists for username and passwords typed directly into a website? Thank you

    • #2453176

      Alex, Thank you for responding, however what you quoted is what I already read in the article. To me it is unclear. Does the following statement that you quoted “Credential data (URL/username/password) is stored in Chrome’s memory in clear-text format.” refer to data manually typed directly into a website? Please answer yes or no. Thank you.

    Viewing 3 reply threads
    Reply To: Chrome Browser memory stores passwords in plain text

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information: