Chrome's stored passwords for various sites

Mikefromlondon

Mikefromlondon

Joined
6 Aug 2011
Messages
3,191
Reaction score
192
Location
London
Country
United Kingdom
Could (please) any one shed some light why Chrome only shows a few sites where my passwords are stored and yet won't show others? for example it shows 5 site passwords out of 9, so why does it not show 4 others,

If anyone needs to know, if your browser (chrome in my case) stores passwords for regularly visiting web pages or sites such as Youtube, AOL, DIYnot, etc etc, and you may have forgotten the passwords, but you could find out by going to chrome settings and c licking on Advance and scroll down to passwords and forms, there you will get all sites mentioned and lots of dots representing your stored passwords, and to reveal you place your cursor on any of the dots and click, this opens a new dialogue box and click on "show" and the actual password stored for that site will be revealed, but it may prompt you to first enter your user password for that computer to allow you to do that.

So in my case it only shows 5 stored passwords when the fact is it knows 9 stored passwords, so why can i not see all 9?
 
My chrome shows all my saved passwords, are some of the sites the similar URL's? Chrome could be confusing several sites for one. For a more advanced, free option for saved passwords i moved to LastPass - you have one master password and it creates very secure individual passwords (and usernames if required) for any site you log in to. There is an extension you add to chrome which makes it very user friendly.
 
Thanks for your suggestion regarding lastPass master password, where it creates and stores highly secure passwords for you, Number 1, I don't trust such sites, believe me Nothing in this world or universe is for free, there is a motive behind this free site offering to protect you, there will be a compromise somewhere, which if need be, your security will be compromised. Or simply gathering data, and they could themselves be able to access the contents of your computer easily as they generated passwords.

Number 2, if something went wrong, with their system being down or crashing or going out of business, you could be left in a limbo where you might not be able to access some of the sites or pages you wish to visit.

But thanks for suggesting, no harm in doing so is there, I just don't trust 90% of the sites. You could trust sites like Ebay, Paypal, Microsoft, and so on, take for instance Chrome has a lot of information held about you, and they could sell it on for profit, they could exploit you, they could be hacked into and aLL YOUR SENSITIVE DATA (sorry I hit the caps button) could be available to wrong people, scammers etc.
 
Hi Mikefromlondon

Sometimes the password is not stored by the Browser directly, but is based on "cookies" or other such temporary internet files stored by the website locally on your machine.

Example1: You log in to a website, and Chrome/Firefox/etc asks you "do you want to remember this password/log in automatically in future?" - If you select YES then the browser will remember the password and show you

Example2: You are about to log in to a website, and as you enter your username/password, you tick a box that says "remember me" on the web page.

In Example 2, it is not the Browser that is remembering the password, but the website is "remembering" you, so the next time you go to the website it will log you in automatically. This can be done either via:
- Storing cookes/other temporary internet files on your machine. Using this approach, the website checks your local browser cache to see if there are any cookies/temp files stored that show you have previously authenthicated correctly, and have asked for your login to be remembered

If this is the case, clearing cookies and other temp cache of the browser will cause you to need to log in again (I think this can also be tested by using a different browser/your current browser in Private/Incognito mode).


- The website is storing some sort of "profile" of you on their side, based on your machine id/IP address (not as common to do it this way, as most users IP addresses can change at any time by your ISP)
 
Mikefromlondon said:
Thanks for your suggestion regarding lastPass master password, where it creates and stores highly secure passwords for you, Number 1, I don't trust such sites, believe me Nothing in this world or universe is for free, there is a motive behind this free site offering to protect you, there will be a compromise somewhere, which if need be, your security will be compromised. Or simply gathering data, and they could themselves be able to access the contents of your computer easily as they generated passwords.

Number 2, if something went wrong, with their system being down or crashing or going out of business, you could be left in a limbo where you might not be able to access some of the sites or pages you wish to visit.

But thanks for suggesting, no harm in doing so is there, I just don't trust 90% of the sites. You could trust sites like Ebay, Paypal, Microsoft, and so on, take for instance Chrome has a lot of information held about you, and they could sell it on for profit, they could exploit you, they could be hacked into and aLL YOUR SENSITIVE DATA (sorry I hit the caps button) could be available to wrong people, scammers etc.
Click to expand...

Wowzers i get the feeling someone been burnt in the past??! Well last pass encryption is created on the local PC however that's their argument not mine.... Chrome is no safer than the password yo use for your Google account.

I've never had issues with chrome storing passwords , or not, however.
 
As you said someone's been burnt before, a good friend had his Hotmail account hijacked twice, both times it could not be recovered despite supplying all the necessary evidence to Microsoft who ran Hotmail accounts now transferred to outlook, he lost hundreds of very important emails, the recovery process using two step verification also failed, because Hijackers changed other information as well which is used for recovery purpose such as changed mobile number AND alternative email address, this caused him enormous loss, now he does not trust Microsoft and uses yahoo for essential emails, yahoo staff can recover stolen accounts, or hijacked accounts.

I am with AOL, they too are very good when it comes to recovery process, if someone changed your password and you could not log in, all you need is make a phone call from your registered phone and they provide you with an alternative password so that you are on your way straightaway, unlike Microsoft, their system is totally useless, their escalation agents are completely unhelpful and do not understand what it is to lose an account full of important emails, all they do is sorry we suggest you open another account to get back on, that doesn't help recovering any old emails, they are thick as a plank, I helped my friend dialogue with Microsoft for about 4 months trying to persuade them to somehow recover the accounts even if using their more experts who could penetrate the system using a master password of some kind or through some recovery software, but they said it was just not possible, and I even bet them that if there was a murder enquiry and the Police wanted to check email correspondence, how do they get into people's accounts for the police? Sure they know there is a way, but they bluntly refused to help.
 
I don't let Chrome store my passwords (use LastPass) but have read some criticism in the past regarding Chrome's password storage security. Maybe moves have been made to address this (not sure).

Are the passwords Chrome won't reveal to do with secure sites, or sites that use 'https' in the address line? If so, not being able to view passwords for such sites could be a measure that has been introduced to improve password security.

Chrome should offer to save login details, even for sites that instruct the browser not to ('autocomplete=off' instruction) but maybe, as a balancing act between user-friendliness and security, the passwords won't be revealed for such sites.

All conjecture I'm afraid but perhaps reasons why you can't reveal the passwords for some sites.
 
Another Lastpass user here.

I do not let any browser save any password, I prefer a password manager so I can have unique & secure passwords wherever I go. :)
 
You must log in or register to reply here.
Back
Top