A few times now, it's blown up my profile data, which includes bookmarks and passwords that I do not want to have to look up, reset, etc.
Passwords are not what I want to burn mental energy on. It's best when my browser can manage them properly, and hopefully the same for bookmarks, etc. Fortunately Google Chrome's sync feature is reasonably reliable, but (being paranoid) I can't afford to have it "accidentally" delete all my saved passwords.
So I found a way to export them, just in case. Thankfully Chrome uses SQLite databases (extensively), so the data is fairly easy to access.
On Ubuntu Linux, very simple step-by-step:
- sudo apt-get install sqlite3
- sqlite3 -csv ~/google-chrome/Default/Login\ Data 'select * from logins' > chrome-passwd.csv
The passwords were not stored encrypted, as far as I could see... I believe Chrome's encryption model for personal data is applied strictly to transport between Chrome and Google's servers. (Please let me know if I'm missing something.)
You should keep that file safe, given that it contains plaintext passwords. Ubuntu's standard encryption (ecryptfs) is probably fine, but there are lots of options.
If you're using Windows, you'll have to install SQLite (version 3) and figure out the rest of this process on your own... and if you need encrypted storage, I recommend TrueCrypt. (I'd also recommend ditching Windows, but that's another story...)
3 comments:
Very interesting! I've been looking for help on this... I found that my "spouse" had a bunch of dating sites in his google chrome password exceptions... Do you know if I can recover any of his login info on those sites if they're in password exceptions?
Hi Anonymous :)
Unfortunately I think Chrome completely ignores passwords for exception sites. I doubt you'll be able to recover logins from those sites in that way.
You could install a keylogger though, to collect usernames, passwords, etc, assuming your spouse logs in again - if that's really valuable to you. I tend to think resolving such problems is about communication though, not as much about gathering evidence against the offending spouse.
Good luck on that.
I confronted him in an honest manner and he tried to tell me it was just a pop-up ad and that he's never been to the sites... I don't want to put a keylogger on bc that would be just as dishonest.
Post a Comment