Chrome already uses the OS keychain facilities. People are complaining that this... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		makomk on Aug 25, 2013 \| parent \| context \| favorite \| on: Showing stored passwords – Tim Berners-Lee Chrome already uses the OS keychain facilities. People are complaining that this is insecure because unauthorized people can look at the saved passwords if the user leaves their computer logged in and unlocked. They want Chrome to adopt the Firefox approach of storing them directly on disk optionally encrypted with a master password.

andreasvc on Aug 25, 2013 [–]

Or the Safari approach, where even though it could show you the passwords directly, its policy is to ask for your password before doing so. Note that while Chrome uses the keychain, it actually circumvents the point of the keychain by decrypting all keys at startup, before they're needed.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact