On Fri, Jun 11, 2021 at 12:32 PM Peter Beckman <beckman@angryox.com> wrote:
On Fri, 11 Jun 2021, William Herrin wrote:
On Fri, Jun 11, 2021 at 9:42 AM César de Tassis Filho <ctassisf@gmail.com> wrote:
Google does not have access to your plain-text passwords in either case.
If they can display the plain text passwords to me on my screen in a non-Google web browser then they have access to my plain text passwords. Everything else is semantics.
Untrue. If you have a key on your computer, such as was mentioned that the Google key may be stored locally in the MacOS Keychain, and you unlock your MacOS Keychain with your local laptop login password, which is also stored on an encrypted disk volume, that does not mean those passwords have left your computer in plain text, or that Google has this key that lives in your keychain.
I agree, if they do, that's terrible. But I haven't seen any evidence that they do.
However, if the password is entered on one device (Android device, for example, as mentioned in the original post), and then is visible in clear-text on a different browser on a different device (laptop, for example, again, from the original post), then clearly the password has left the original device in a form which is reversible to the original clear text. You can argue that it may be stored "in the cloud" in encrypted form; but it's clearly being stored in a manner which can be reversed to gain access to the original clear text, and using a key which is known to both devices involved, and to the cloud system validating that authentication. This isn't about seeing the passwords in clear text on the same device upon which they were entered; this is about a *separate* device having visible access to the clear text of a password that was not entered via that device. If the laptop had required Bill to enter a decryption key first in order to see the clear text, and that decryption key was one he had manually configured on both devices, stored only locally on each device, then you might be able to argue that the cloud never has visibility into the passwords; but if the keys are encrypted using a gmail login credential, which is itself stored and verified within the same cloud environment as the encrypted password strings it is protecting, then your two factor security has collapsed back down into a single point of compromise; compromise the google password, and you have access to all the passwords that were uploaded and stored in the system unbeknownst to the user. That's the part that would leave me concerned. Having my email password compromised? That's a bit of a "meh" moment. Suddenly discovering that one password now gave access to potentially all my financial accounts as well? That's a wake up in the night with cold sweats moment. :( Matt