Chrome-saved cleartext passwords not a flaw, Google says
Google Chrome passwords are stored in cleartext, a function that Google dismisses as a flaw.
Software developer Elliott Kember discovered that all saved passwords can be displayed in plain text in the Chrome settings panel.
“There's no master password, no security, not even a prompt that ‘these passwords are visible,'” Kember said. Google said passwords were encrypted on Google servers while Chrome browser security lead Justin Schuh said any attacker who gained access to an account could dump all session cookies, grab history, install monitoring software or install malicious extensions to intercept browsing activity.