According to a recent Reddit post, users of Google Chrome on the Android mobile platform may be inadvertently deleting their saved passwords when clearing their browser data. The issue was raised by a user who noticed their saved passwords were deleted when clearing browser history and cache on their Pixel smartphone. The user was not prompted for additional authentication before the data was deleted, causing them to lose access to their accounts.
In response to the issue raised by the user, an Android developer raised the issue on the Google Chromium developer support forums. They suggested removing the ‘Saved Passwords’ option from the Chrome for Android clear browsing data user interface to prevent users from accidentally deleting their password vault data. Another developer who had also experienced the issue expressed concern about the lack of two-factor authentication for such actions.
Google has acknowledged the issue and confirmed that a fix is in the works. A member of the Chromium team agreed that the UI needed to be reconsidered to prevent users from accidentally deleting their saved passwords. While the saved passwords option will be removed from the toggle list, it will require some additional product work before the change can be implemented and released to the general public.
In the meantime, Android users are advised to check the Chrome three-dot menu for the clear browsing data option. Users who make use of the integrated Google Password Manager should ensure that the saved passwords option remains unchecked to avoid inadvertently deleting their password vault data. It is recommended that users exercise caution when clearing their browsing data until the issue is resolved.
The Reddit user who initially raised the issue had to switch back to a third-party password manager in order to regain access to their accounts. Google support informed them that the passwords stored on Chrome and subsequently deleted could not be retrieved. The user’s experience highlights the importance of ensuring proper security measures are in place, such as using a password manager and regularly clearing browser cache for privacy reasons. Hopefully, the upcoming fix from Google will address the issue and prevent similar incidents from occurring in the future.
