Google Planning More Security for Chrome OS Saved Passwords

Google Planning More Security for Chrome OS Saved Passwords

Google likes to talk a big game when it comes to security on Chrome OS, and it’s true that there isn’t as much to go wrong in Chrome. However, that doesn’t mean it’s perfect. In fact, Google failed to implement a rather simple security measure to protect your passwords from snooping. That could change in an upcoming Chrome OS release, though.

It turns out that Google’s Chrome OS doesn’t enforce any sort of authentication when viewing your saved passwords. If you’re using Chrome (or any other modern browser) on Windows or Mac OS, you can see how this is supposed to work. You open the browser settings, check your saved logins, and click to see the passwords. Windows prompts you for your Microsoft account details. On a Mac, it’s your Apple ID. In either case, it’s much more difficult for a third-party to snoop on your passwords.

The lock screen dialog being re-purposed for password security.
The lock screen dialog being re-purposed for password security.

A Google employee added a bug report to the Chromium project last month asking for an added layer of password security. The Chromium team replied several days ago to say the feature was in the works. You can even follow progress yourself via the open-source Chromium code. The developers are using the lock screen authentication framework for keeping passwords secure.

In the future, Chrome OS will pop up a login box when you try to reveal one of the saved passwords in the browser. You’ll have to enter your Google credentials in order to view those passwords. This change is still very early in the development process — it’s not even in the experimental Canary build yet. It still needs to filter down through the developer, beta, and finally stable channels before it’s an official feature. We’re looking at several months at least. In the meantime, don’t leave your logged-in Chromebook sitting around for someone to grab.

Continue reading

Google Pixel Slate Owners Report Failing Flash Storage
Google Pixel Slate Owners Report Failing Flash Storage

Google's product support forums are flooded with angry Pixel Slate owners who say their devices are running into frequent, crippling storage errors.

Google Kills Free Photo Storage, Changes What Counts Toward Storage Caps
Google Kills Free Photo Storage, Changes What Counts Toward Storage Caps

Google has announced some significant changes to Photos, especially if you use the service for automatic backup.

Time to Update: Google Patches 2 Severe Zero-Day Chrome Vulnerabilities
Time to Update: Google Patches 2 Severe Zero-Day Chrome Vulnerabilities

Unlike the last few zero-days, Google didn't find these security holes itself. Instead, it was tipped by anonymous third-parties, and the problems are severe enough that it hasn't released full details. Suffice it to say, you should stop putting off that update.

Nvidia, Google to Support Cloud Gaming on iPhone Via Web Apps
Nvidia, Google to Support Cloud Gaming on iPhone Via Web Apps

Both Nvidia and Google have announced iOS support for their respective cloud gaming platforms via progressive web applications. Apple can't block that.