Is Google Chrome Password Manager Secure?

How Do I Save Passwords In Chrome?

Most fresh Chrome installations will prompt you when they see you entering a username and password. The prompt will ask about your password management preferences. If you refuse to store passwords in Chrome the first time out and opt for it to stop prompting you, you might have accidentally turned off the password manager features.

If that's the case, or the option to save password information in the Chrome browser isn't turned on by default, you can go into the settings to turn the option back on:

Find the three dots that open your Chrome options menu. On a desktop, these are located to the right of your address bar. Click or tap them.

Now select Settings. In the next menu, pick Auto-fill. In a desktop browser, that option appears along the left-hand side of the window.

Then there should be a heading that says Offer To Save Passwords. Flip the switch so that it displays as blue rather than gray.

That will turn on the Chrome password manager, and the next time you enter a username and password, you should be prompted for options to save them.

How Secure Is Google Chrome Password Manager?

It's almost completely average.

The password generation is reasonable but tepid. You can't specify X minimum number of special characters or Y minimum number of numeric characters. This means if you have a specific password policy you need to comply with, you'll have to manually edit the generated password.

It can't share access to a password without sharing the password itself. For example, if there's a family Netflix account, more powerful password managers will be able to inject the password into the other family members' login prompts without displaying it. Not so with Chrome.

And of course, whatever the weakest password in the computer's login chain is, that's effectively the strength of all saved passwords in Chrome. By default, access to the browser is the same as access to the passwords, without the need to enter a master password to grant full access.

But these are fairly typical weaknesses of a non-specialized password manager. Chrome is no better and no worse than other native browser password managers.

So Should I Save Passwords in Chrome?

Only if you absolutely must.

A specialized password manager is more secure, saves all of your passwords in a high encryption environment, has far more well-tailored password generation, and can be set up so that the master password needs to be entered before general access to the password pool is granted.

If the complexity of the required master password is intimidating, consider using a single, long phrase with personal meaning to you instead of a bunch of random characters. The password: 'I took the dog for a sunrise walk down by the ocean yesterday.' is far, far more secure than 'X&im97T%'. The second one would take around half a day to brute force, max. The first one would take centuries, even if certain assumptions are made.

But if certain policies or personal preferences force you to use Google Chrome password manager and you're careful about access to your computers, it can be serviceable.