That you can do this is concerning.
And honestly, that should concern you.
Become a Patron of Ask Leo! and go ad-free!
Many web browsers including Google Chrome can remember passwords for you. You can see what’s been remembered in Chrome by searching for “password” in Settings, and clicking on “Saved Passwords”. For each account listed click on the “eye” icon to view the actual password. While security has improved and features added, I still prefer a separate dedicated password manager for saving passwords.
To be clear, what we’re discussing here is a feature of Google Chrome that saves passwords for you without the use of an additional password vault1.
Visit a website that requires login, log in normally, and the browser will offer to save the password for you.
Click on Save, and Chrome will automatically enter the username and password for you the next time this site asks you to log in.
But what if you need to see the password?
Viewing saved passwords in Google Chrome
Click on the vertical ellipsis (three dots) in the upper right of the Chrome window, and then click on Settings.
On the resulting Settings page, search for “password”, and in the results list, below Autofill, click on Passwords.
On the resulting page, you’ll see a section labelled “Saved Passwords”.
Here, each stored password is represented as dots for security. Click on the eye icon, and you’ll be prompted to re-enter your Windows password.
Enter that, and your password will be displayed.
While I’ve obscured a portion of my password, your entire password will be completely visible.
I’ve never been a huge fan of browser-saved passwords, and while the majority of my objections2 have fallen by the wayside over time, one substantial one remains.
All we needed was your Windows password to view any password you’ve allowed your browser to save.
The implication is that the level of security required to display your password collection is the same as that required for logging into Windows. In practice, that’s not true. Your password collection warrants a long, strong password, with two-factor authentication.
People generally don’t do that for their Windows login. Even Microsoft accounts, when used, are often held to a lower security standard than should be necessary to view a collection of passwords.
I prefer a separate password vault with its own, tighter security.
That being said, if you’ve allowed Google Chrome to save your passwords for you — which is admittedly very convenient — now you can view what’s been saved when you need to type it in manually elsewhere.
Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.
I'll see you there!