• Sign in to Neowin Faster!

    Create an account on Neowin to contribute and support the site.

Sign in to follow this  

How does Edge Dev (chromium) access my Google Chrome passwords?

Recommended Posts

Steven P.    14,587

One thing that makes me stick with a browser is the hassle of moving all login and passwords over, I even make use of the "suggest passwords" thingy in Chrome now, so imagine my surprise when I signed up to a webshop today using Google Chrome and while looking to see if Microsoft's Edge dev had updated to the latest version (it had) I noticed that the webshops account details including the password are right there in the settings too?

 

SNAG-0003.png

 

I have my Microsoft account associated with the Edge dev profile, and my Chrome browser profile is my Neowin email address, so these are not even the same.

 

Looking in Google search is no help because I get a bunch of results relating to the old (Spartan) Microsoft Edge browser (and how to import or export passwords to Chrome).

 

It seems like a huge breach to me if apps can access Chrome's password's store?

 

Note: I hardly ever use Edge-dev, which makes it even more surprising that it is maintaining Google Chrome's passwords.

Share this post


Link to post
Share on other sites
Steven P.    14,587

I found this in the settings, but this appears to require a user intervention.

 

SNAG-0004.png

 

The triangle warning is just something saying that previously saved passwords for the same site will be overwritten by the imported data.

 

 

Share this post


Link to post
Share on other sites
chromeshock    0

I'm shocked too. I just downloaded  edge browse just to see how it changed itself using chromium project. When It showed me a popup to import bookmarks, forms and passwords, I was sure it will ask me for the password phrase which I used with chrome browser to encrypt the passwords. To my shock it didn't. And it simply copied all my passwords like a text file from chrome. And chrome isn't even running.

There are several hundreds of chromium based browsers out there. 

 

This is A SECURITY BREACH. I'm not sure who else noticed this. 

Or am I missing something?

On 6/3/2019 at 5:15 PM, Steven P. said:

I found this in the settings, but this appears to require a user intervention.

 

SNAG-0004.png

 

The triangle warning is just something saying that previously saved passwords for the same site will be overwritten by the imported data.

 

 

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.