Retrieve a Stored Password From Google Chrome
For an average user, it is quite normal to have account and access to multiple websites. This means remembering username and password of all. Right?
Wouldn’t it be so easy if you just visit the website and you have the login credentials already added to it and with single click, you can access it. Yes, Google Chrome makes this possible for you through its option to “Save Password”. Whenever you login to a website, you get a yellow bar at top-right of the scree asking “Do you want to save password for this website”. If you click “Yes”, the next time you visit the website, login process will be simplified as you will be presented with the “Username” and “Password” and all you need to do is hit the login button.
This will definitely prove helpful when you wish to access the website on same machine but on the contrary can be disastrous if someone else can gain access to the system. The login details gets saved into SQLite database in your system into File named “Login Data”.
However, if you want to retrieve stored password from Google Chrome browser, then it is relatively easy. Follow the steps mentioned below:
Open Google Chrome browser and then go to “Settings”.
Click on “Advanced Settings” and under the “Passwords and forms” section, click on “Manage Passwords” link.
Under the “Saved Passwords” section, you will find all the websites enlisted for which you have login details saved. Click on the site and double click on the password section. The text box for password will then have a “Show” button. Click on it and you can see the actual characters for the password instead of encrypted password in the form of dots.
Note: When you click on the Show button, a pop up will be shown on screen asking for Windows password. This is done as a part of safety concern that the password is seen with the permission of system administrator.
How it Works at the Backend?
When you click the “Save” button to store the password, the following function is called:
The “PasswordFormManager” function calls the “Save” method of the object (form_manager) and when this is done, it instructs the prompt to save password to close.
If the user is new, the login details will get saved and otherwise the password will get updated.
Here, the object “WebDataService” is take care about the metadata of the web page.
The job of adding passwords is done asynchronously through scheduling. This is done so as to assure that no interruption is done into the Chrome’s interface.
Then there is a function that is responsible for building a SQL statement for adding the password to the database (SQLite login.db file). There is an object “Encryptor” which will convert the plain text into cipher. The function cryptprotectdata is the API function of Windows that is responsible for creating cipher and the best part is, decryption takes place with the same user and machine.
In the above section, we had a walk-through the mechanism that Google Chrome follows for storing the password. Also, if you manage the passwords on machine to remember them, it is extremely easy to retrieve them through Chrome’s browser settings. Although makes password management quite convenient for users but it is recommended to protect the user machine so that nobody else can have access to it or use it for illegitimate activities.