Retrieve a Stored Password From Google Chrome

  author
Written By Nimisha Ramesh  
Anuraag Singh
Approved By Anuraag Singh 
Published On October 27th, 2022
Reading Time 3 Minutes Reading

For an average user, it is quite normal to have account and access to multiple websites. This means remembering username and password of all. Right?

Wouldn’t it be so easy if you just visit the website and you have the login credentials already added to it and with single click, you can access it. Yes, Google Chrome makes this possible for you through its option to “Save Password”. Whenever you login to a website, you get a yellow bar at top-right of the scree asking “Do you want to save password for this website”. If you click “Yes”, the next time you visit the website, login process will be simplified as you will be presented with the “Username” and “Password” and all you need to do is hit the login button.

image1

image2

This will definitely prove helpful when you wish to access the website on same machine but on the contrary can be disastrous if someone else can gain access to the system. The login details gets saved into SQLite database in your system into File named “Login Data”.

image3

However, if you want to retrieve stored password from Google Chrome browser, then it is relatively easy. Follow the steps mentioned below:

Open Google Chrome browser and then go to “Settings”.

image4

Click on “Advanced Settings” and under the “Passwords and forms” section, click on “Manage Passwords” link.

image5

Under the “Saved Passwords” section, you will find all the websites enlisted for which you have login details saved. Click on the site and double click on the password section. The text box for password will then have a “Show” button. Click on it and you can see the actual characters for the password instead of encrypted password in the form of dots.

image6

Note: When you click on the Show button, a pop up will be shown on screen asking for Windows password. This is done as a part of safety concern that the password is seen with the permission of system administrator.

image7

How it Works at the Backend?

When you click the “Save” button to store the password, the following function is called:

image8

The “PasswordFormManager” function calls the “Save” method of the object (form_manager) and when this is done, it instructs the prompt to save password to close.

image9

If the user is new, the login details will get saved and otherwise the password will get updated.

image10

Here, the object “WebDataService” is take care about the metadata of the web page.

image11

The job of adding passwords is done asynchronously through scheduling. This is done so as to assure that no interruption is done into the Chrome’s interface.

image12

Then there is a function that is responsible for building a SQL statement for adding the password to the database (SQLite login.db file). There is an object “Encryptor” which will convert the plain text into cipher. The function cryptprotectdata is the API function of Windows that is responsible for creating cipher and the best part is, decryption takes place with the same user and machine.

image13

In the above section, we had a walk-through the mechanism that Google Chrome follows for storing the password. Also, if you manage the passwords on machine to remember them, it is extremely easy to retrieve them through Chrome’s browser settings. Although makes password management quite convenient for users but it is recommended to protect the user machine so that nobody else can have access to it or use it for illegitimate activities.

  author

By Nimisha Ramesh

Nimisha Ramesh is a dynamic professional known for her expertise in content and brand strategy. With a passion for crafting compelling narratives, Nimisha excels at creating content that not only engages but also aligns with brand objectives. Her strategic approach to content development and brand management has made her a valuable asset in reaching broader audiences and driving business success.