If someone accesses Chrome files on my PC, will that person be able to get the site passwords?

G

gfan2016-11-08 13:23:45

Google Chrome

gfan, 2016-11-08 13:23:45

I read somewhere that files from Google Chrome are stored in the Login Data file, which is located here:
AppData\Local\Google\Chrome\User Data\Default
Can a person replace these files on their PC and see my passwords in Chrome settings?

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

M

Michael, 2016-11-08
@Sing303

Chrome uses DPAPI encryption at the windows account level (for Windows). Using these files on any other PC or the same one, but with a different account, will not allow you to see the passwords.
But if an attacker has access to your PC for an indefinite time, then he will be able to reset the password on your windows account and go to the browser, in fact, get access to the passwords, it's over if you do not use the master key.

R

Raul Duke, 2016-11-08
@dushako

No, that would be too easy;) Chrome encrypts the saved passwords with 256-bit AES, and it won't work just to change the files, it won't work under someone else's profile. Now, if an attacker has direct (physical) access to your PC, then it will not be difficult to find out passwords "under asterisks".