Letting Google Chrome remember all your passwords is convenient, but it does have its downsides. With the proper tools, a hacker can view all the passwords stored on your Google account and use them to break into your online accounts.
Here’s how to view your Chrome passwords from anywhere—and why you may not want to do so.
How the Chrome Password Manager Works
The Google password manager is integrated into the Chrome browser and is toggled in the settings. You can see the password manager by clicking the three dots at the top right of the browser, then choose Settings.
Look for the Auto-Fill category, then click Passwords underneath it.
You can also point your browser towards chrome://settings/passwords to see them.
Whichever route you take, Chrome will show you all the website login details it has on file. You’ll see the username you have stored for that website and a password field masked by dots.
When you click the eye icon next to the password, Chrome will ask you for your operating system profile’s password or PIN. Once you’ve done this, Chrome will reveal the password you requested.
The Downsides of Google Chrome’s Password Manager
Using Chrome Password Manager is very convenient. It syncs your password between your devices and automatically fills in forms on any PC; you need to sign in. If you need to remember a password (for example, if autofill doesn’t do its job), you can use the manager to remind yourself what the password is.
Unfortunately, the Google Chrome password manager does have its downsides. It’s worth taking these into account so you can protect your passwords—that is, if you still want to keep Chrome’s password manager after you learn about the negatives!
There’s No Additional Protection If You Don’t Use a Password
Remember how Chrome’s password manager asks for the password or PIN you use to log on? Things get a little worrying if you don’t use a login code at all. Without a login code, someone can sign in to your profile, boot up Chrome, and look at all the password they want without any security checks.
There is no way to export all the passwords at once, so an intruder will only manage to note down a handful of passwords; however, they’ll likely use the time to target sensitive accounts such as bank login information.
Also, if you re-use passwords a lot, the intruder can use this bad habit to crack open your other accounts without needing to see every password. All they need is the website you visit and your username, and they have a “skeleton key” that unlocks any account you may have.
Your Chrome Passwords Can Be Viewed Online
Near the top of the password manager settings page in Chrome, you’ll see the sentence “View and manage saved passwords in your Google Account.” You can click the words “Google Account” to go to https://passwords.google.com.
When you visit this link, Google will show you all the login details for every account you’ve stored with Chrome. You can view your passwords here, too; you just have to pass a Google account password check before you see them. This does mean that someone with your Google password can view all your account details remotely.
Fortunately, Google has geolocation tracking turned on by default, so someone logging in from a foreign country will be flagged as suspicious and denied entry. However, if the person snooping on your passwords is using the same connection as you, they can skip this check.
Turning Off Chrome’s Password Manager
While the above points are worrying, there are ways to fix these problems and keep your passwords secure. However, if you’ve decided enough is enough with Google Chrome, you can delete everything in the password manager and stop the sync.
Clearing Your Passwords on PC
To delete all your login details on PC, click on the three dots at the top-right of the Chrome window, then click Settings.
Scroll down until you’re in the Advanced section of the settings, then find and click on Clear browsing data. If you look at the top of the window that appears, you’ll see there are two tabs—Basic and Advanced. Click on Advanced.
At the bottom of this window, you should see your Google account and text telling you that any changes you make will sync up with the central database. Make sure you’re erasing the data on the correct account; otherwise, you may have to answer to angry family members!
If you want to go the nuclear option, click on the drop-down menu next to Time range and select All time. Otherwise, pick a time range that suits you.
Now select the items you want to erase. If you’re reading this, you’ll want to click Passwords and other sign-in data to clear the saved passwords. Once done, click Clear data to erase everything from the computer and the central database.
Disabling Password Saving and Sync on PC
Now we’ll stop Chrome from saving and syncing details in the future. To do this, click on the three dots at the top right, then Settings.
Under People, click on Sync and Google Services.
Here, click on Manage sync.
Now, uncheck Passwords. You may need to uncheck “Sync everything” to unlock the password setting.
Click the back arrow at the top-left twice to return to the settings screen. Now, under Auto-fill, select Passwords.
Then, uncheck Offer to save passwords.
Clearing Your Passwords on Mobile
On a mobile device, open Chrome, tap the three dots at the top right, then tap on Settings. Scroll down to the Advanced section and tap on Privacy.
Tap on Clear browsing data, then ensure you’re on the Advanced tab at the top. Make sure the Time range drop-down says All-time, or however long you wish to delete up to. Tap the checkmark for Saved passwords and then Clear data.
Disabling Password Saving and Sync on Mobile
To prevent the sync from re-populating the database, tap the three dots at the top right, then Settings. Tap on Sync and Google services near the top. Under Sync, tap Manage sync. If Sync everything is checked, uncheck it; then, uncheck Passwords.
Tap the back button at the top-left twice to go back to the main Settings page. Now, tap Passwords, then uncheck Save passwords.
How to Strengthen Your Browser Password Security
As you can see, there’s a lot that can go wrong with Chrome’s password manager. However, if you can’t bring yourself to ax the feature, there are ways to strengthen your security.
Put a Password on Your Operating System
To start, you can put a password or PIN code on your operating system. It may be an annoying hurdle if you’re the only one using the computer, but it does give you that added layer of defense against prying eyes. Plus, it’s a good defense if anyone tries to access your PC without your permission!
Use Two-Factor Authentication on Your Google Account
You can also download a two-factor authentication (2FA) app for your phone and tie your Google account to it. That way, if someone tries to access the passwords page for your account, they’ll need a second code to proceed. All you need to do is keep the code safe, and your passwords are secure.
Use a Third-Party Password Manager Instead
If you want a little more control over your passwords, you can try a third-party password manager instead. That way, you’re not bound to Google’s way of handling your data.
Discussing which password manager is best for you is an article all in itself. Fortunately, we’ve already written it—you can find it over at the best password managers for every occasion .
Make Your Passwords More Memorable
If you rely on a password manager to keep your accounts in check, you may be setting passwords that are hard to remember. It’s a good idea to have a plan that creates memorable passwords for every website without re-using the same one.
If you always forget passwords, try this simple trick for memorable, secure passwords .
Securing Your Chrome Experience
Regardless of if you want to secure your Chrome’s password manager or disable it altogether, it’s good to know how the browser handles your passwords and how hackers can take advantage of it. Fortunately, there are ways to surf safer, even if it means ditching Chrome’s manager for another one!
If you want to continue fortifying your browser, check out the best security Google Chrome extensions .