1

Based in this post in Google Chrome help they claim that they encrypt my username and password with a secret key known only to my device.

  1. What is the algorithm used to generate this secret which is known only to my device? Where is it stored? Does anyone have any idea?
  2. How can it be unique and at the same time exchanged through different devices and operating systems?
  3. Is there any whitepaper or something like this that can explain this?

Of course I have the same questions for Firefox Sync.

the original post.

When you log in to a website while signed in to Chrome, Chrome encrypts your username and password with a secret key known only to your device. Then it sends an obscured copy of your data to Google. Because the encryption happens before Google’s servers get the information, nobody, including Google, learns your username or password.

John
  • 21
  • 4
  • @schroeder This does not answer my question! My question is where this secret key gets stored? and if it symmetric encryption how this key gets transferred to other devices and used for decryption?! – John Nov 11 '21 at 14:48
  • @schroeder yes I did. for the sake of not extending comments can you reopen it so that we can discuss? – John Nov 11 '21 at 14:52
  • No, you closed the chat room for this. The duplicate answers you. – schroeder Nov 11 '21 at 14:54
  • @schroeder It looks like OP is interested in knowing how password sync works, while the current dupe talks only about how chrome stores passwords locally. I feel like that question must have been answered somewhere too, but I can’t find a good dupe for that. – nobody Nov 11 '21 at 18:31
  • OP, AFAICT, google help article you linked to seems to be talking about protecting passwords by *identifying breached credentials*, not about securely sharing credentials between devices. – nobody Nov 11 '21 at 18:34
  • @nobody yes, there is a FireFox Sync question where that was covered. – schroeder Nov 12 '21 at 07:42
  • I saw your comment. It is difficult to listen to reasoning when the reasoning shifts constantly. As I said, you are looking to know how the password sync process works. Please refine your searches to that topic and look at the Related questions that talk about sync. – schroeder Mar 06 '22 at 18:00

0 Answers0