Understanding Stored Passwords in Chrome on OS X

When my Mac’s hard disk died, I replaced it with an SSD and reinstalled OS X. At the time I also restored my user’s “login.keychain” file from backup, because I knew that’s where Chrome had stashed all my stored web site passwords. Well, it turns out I only half-knew what was going on.

After the restore, Chrome seemed not to know about any of the credentials. It was quite frustrating because Safari was working fine with the restored Keychain. As a test I entered some credentials in Chrome and they appeared in its own Saved Passwords list! I was expecting that list to be empty because documentation suggests Chrome uses the Keychain on OS X.

After some digging, what I found is that Chrome is quite sensibly engineered, but the user interface is just a little confusing (especially to those with inquiring and suspicious minds!).

This page of Chromium developer documentation explains that Chrome needs to store more metadata about a set of credentials than is supported by the Keychain attributes. Therefore, even though Chrome does use Keychain for credential storage on OS X, it still uses its own built-in (“non-secure”) LoginDatabase. My mistaken belief was that the LoginDatabase would be empty once Keychain is in use.

This can be confirmed by poking around in the local user’s Chrome application data and opening the SQLite database called “Login Data”. On OS X this contains a row for each stored password but, crucially, not the password itself (the username is there, though). Yet in the Chrome Settings user interface, you click “Manage saved passwords” and up pops a list of usernames and passwords as if Chrome were storing them. In fact it’s merging data from both LoginDatabase and Keychain.

The next confusion arises over the lack of Chrome’s awareness of Keychain entries. As explained in the same developer documentation page, until LoginDatabase has a matching entry, the credentials in Keychain are untrusted by Chrome and hence not displayed.
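The split between the two stores can be made visible with a short script. This is an added example, not code from Chrome or from the original post: it reads a copy of a “Login Data” file and sorts credentials into those the merged view would show, rows whose secret is missing, and Keychain entries with no matching row. The `logins` table and its column names are given as I know them from Chromium's schema and should be checked against your Chrome version; the sample database, the Keychain set and the match on (origin, username) are constructed simplifications.

```python
import os
import shutil
import sqlite3
import tempfile

def build_sample_login_db(path):
    """Create a constructed stand-in for Chrome's "Login Data" file (subset of columns)."""
    con = sqlite3.connect(path)
    con.execute("CREATE TABLE logins (origin_url TEXT, username_value TEXT, password_value BLOB)")
    con.executemany(
        "INSERT INTO logins VALUES (?, ?, ?)",
        [("https://mail.example.test/", "alice", b""),      # OS X: no secret stored in the row
         ("https://bank.example.test/", "alice01", b"")],
    )
    con.commit()
    con.close()

def read_login_rows(db_path):
    """Return (origin, username, stored_secret_bytes) per row, reading a private copy."""
    with tempfile.TemporaryDirectory() as tmp:
        copy = os.path.join(tmp, "LoginData.copy")
        shutil.copy2(db_path, copy)  # Chrome may hold a lock on the live file
        con = sqlite3.connect(copy)
        try:
            rows = con.execute(
                "SELECT origin_url, username_value, length(password_value) FROM logins"
            ).fetchall()
        finally:
            con.close()
    return [(o, u, n or 0) for o, u, n in rows]

def classify(db_rows, keychain_items):
    """Split credentials into what the merged view shows and what stays hidden."""
    known = {(o, u) for o, u, _ in db_rows}
    shown = sorted(known & keychain_items)           # row and secret both present
    metadata_only = sorted(known - keychain_items)   # row exists, secret missing
    untrusted = sorted(keychain_items - known)       # secret exists, no row: not displayed
    return shown, metadata_only, untrusted

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:
        db = os.path.join(d, "Login Data")
        build_sample_login_db(db)
        rows = read_login_rows(db)
        # Constructed Keychain contents: one match, one entry restored without a row.
        keychain = {("https://mail.example.test/", "alice"),
                    ("https://shop.example.test/", "alice")}
        print(classify(rows, keychain))
```

The third list is the situation after restoring only “login.keychain”: the secrets are back, but without rows in LoginDatabase none of them are displayed.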

To be fair to the Chrome developers, it’s not an easy thing to get over to the user that the attributes of a set of credentials are split between two stores, and that you can delete or read back from one, but possibly not the other. At least now I know what’s going on, and I can also make sure always to restore the Chrome application data in future.
