jfitzpatrick at November 12th, 2013 16:00 — #1
Originally published at: http://www.howtogeek.com/174312/can-google-employees-see-my-saved-google-chrome-passwords/
Storing your passwords in your web browser seems like a great time saver, but are the passwords secure and inaccessible to others (even employees of the browser company) when squirreled away?
ashley_videtto at November 12th, 2013 18:58 — #2
A more accurate topic would then be:
Google Employees can see your Google PW. Amazon employees can see your amazon PW. Facebook employees can see your Facebook PW.
Since they are all the same, yes Google employees have all your saved passwords.
farshad181 at November 13th, 2013 01:13 — #3
YES they CAN!
Google Chrome is syncing all data by default when you are enabled Sync in chrome. where will data must save? answer: Google servers! and every employee of Google that have permission to access user's data on servers, can access user's key information (saved passwords just are one of them!). just imagine Google forced by NSA to do that!
sensi277 at November 13th, 2013 18:15 — #4
Well, some people on here seem to think that Google could get ahold of your password just like that.
That's not the way things work.
If some Google employee were to get physical access to the computer on which the data was stored on, he would get down to the servers, and realize that the data is encrypted. No problem for him though, because he's a Google engineer and can hack a password in an instant, right?
The data that Google stores on it's servers is encrypted with 256-bit AES encryption. It would take the NSA a millennia to get past those security layers. Unless they went up nicely to Google and asked.
farshad181 at November 14th, 2013 01:08 — #5
It's perfectly true that Google use 256-Bit AES encryption for storing data on servers. but any encryption algorithm have a decryption algorithm, this is very simple that if anybody can decrypt data easily. my Chrome browser can sync by server, it means that my browser (--or server side module--) can easily decrypt data (passwords and etc.) and show (--or send to client side--).
There is no need Google employee have access physically data on server, it can accessed by Google's developer facilities.
jfitzpatrick at November 22nd, 2013 16:00 — #6
This topic was automatically closed after 10 days. New replies are no longer allowed.