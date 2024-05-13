



Chrome for Android users warned about password manager removal issue

Light Rocket (via Getty Images)

Clearing your web browser's cache and using a password manager are among the top basic security and privacy tips. Unless you're using Google Chrome on the Android mobile platform to do both of these things, I don't think so. Until the issue is resolved with an application update, this version of Chrome will include saved passwords in the items removed when you clear your browser data by default. Chrome for Android users should also note that when clearing this data, no authentication is required before all passwords are removed.

Who raised the Chrome for Android password removal issue?

One user shared his experience on the Google Pixel subreddit, highlighting an issue where Android Chrome users' Google Password Manager credentials were lost when they cleared their browsing data. We're excited to move from using a combination of her Authy and Bitwarden for authentication and password management to Google Password Manager for a more integrated experience. Everything was fine until recently.

Users who noticed slow performance on their Pixel smartphones cleared their Chrome browser history and cache. They said their saved passwords were among those listed as having their data wiped, but they did not believe this was related to passwords in the integrated password manager vault. I pointed out. The biggest problem, users said, was that Chrome did not ask for or ask for additional authentication, such as a fingerprint, before cleaning the vault.

The user in question needed to return to Bitwarden, which he had not deleted, in order to regain control of the account protected by the credentials stored there. Google Support has already told us that as far as passwords saved and deleted in Chrome are concerned, they cannot be retrieved. An Android developer who read this post raised an issue on the Google Chromium developer support forum with the following title: “Change the UI to prevent users from accidentally clearing all passwords.”

Google's response is that a fix will be available soon

A post on the developer support forum included recommended mitigations to resolve an issue where users accidentally delete their Password Vault data.From the Chrome for Android Clear Browsing Data user interface.[保存されたパスワード]The option was to remove it. Another developer who also lost his password in one click complained that it seems crazy to me that he doesn't force two-factor authentication on something like this.

In response, Google employees raised the issue with members of the Chromium team, asking whether they should reconsider how the UI behaves when clearing passwords. The answer was a big yes. Chromium developers confirmed that the saved passwords item has been removed from the toggle list, but warned that some production work would be needed before the changes were made and released to the public.

In the meantime, Android users can visit Chrome's three-dot menu and check the items listed under the Clear Browsing Data option. If you also use the integrated Google Password Manager, make sure the saved passwords option remains turned off.

