The developer shared a demonstration of the issue on Twitter, showing how passwords can be displayed in plain text simply by accessing the browser settings. This vulnerability could be exploited by malicious actors who gain physical access to a device or compromise a user's browser session.
In response, Google has defended the current behavior, stating that the primary purpose of displaying saved passwords is to assist users in managing and correcting typos or errors in their passwords. However, the developer argued that this justification does not adequately address the security concerns associated with storing and displaying passwords in plain text.
Some experts suggest that Google Chrome should implement additional security measures to protect stored passwords, such as requiring biometrics or two-factor authentication before displaying passwords in plain text. Others argue that the browser should default to encrypting saved passwords and provide users with the option to decrypt them when needed.
The developer's concerns have sparked discussions within the security community about the importance of secure password management practices and the need for browser vendors to prioritize user security when designing their products. It remains to be seen whether Google will take steps to address these security concerns or maintain its current approach to displaying saved passwords in plain text.