It's always annoyed me that Chromium-based browsers have never supported master passwords, in the first place. This is one of the biggest reason's I've always used a Gecko-based web browser as my primary browser.
I understand that Google wants users to always be logged into their Google account, so they have to make the built-in option worse than the cloud option, but that's no excuse for purposely making the built-in option insecure. If you're not going to make a secure password manage an option, don't include one at all.
I don't want my passwords stored on the cloud, for obvious reasons, and I'm not a fan of Linux keyrings relying on D-Bus for security, and considering that there's only one application that I would store passwords for, I might as well have them stored by that application, if it can do so securely.
It's always annoyed me that Chromium-based browsers have never supported master passwords, in the first place. This is one of the biggest reason's I've always used a Gecko-based web browser as my primary browser.
I understand that Google wants users to always be logged into their Google account, so they have to make the built-in option worse than the cloud option, but that's no excuse for purposely making the built-in option insecure. If you're not going to make a secure password manage an option, don't include one at all.
I don't want my passwords stored on the cloud, for obvious reasons, and I'm not a fan of Linux keyrings relying on D-Bus for security, and considering that there's only one application that I would store passwords for, I might as well have them stored by that application, if it can do so securely.
Ubuntu ships a Chromium browser that has its abilitiy to store passwords safely sandboxed/containerized away.
I did not expect that, given that Ubuntu comes with a full GUI and thus safe password storage backend available in theory.
Because this issue is open since 2022, I wrote a repro that proves its existence:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+...
All credit goes to user "Erlenmayr" who reported this.
To see whether there are plain text passwords on your non-Snap chromium, change this line in the linked password dumper script: