Passwords disappear for millions of Windows users thanks to Google
15 million users found themselves locked out of all their passwords for 18 hours thanks to a Google bug
What you need to know
- A bug in Chrome version 127 caused passwords to vanish for around 15 million Windows users. The issue lasted for nearly 18 hours before being fixed.
- Users had to use a command line flag as a temporary fix, but the final solution required just a browser restart (yes, turn it off and on again!).
- This incident highlights the risks of relying solely on browser-based password managers.
To put it bluntly, it's not been a great month for tech giants. Earlier this month, the CrowdStrike bug brought many businesses to a complete standstill and left millions facing the Blue Screen of Death, causing disruption many are still recovering from following postponed flights and surgeries, to name just a few inconveniences.
Well, not to be left out, Google had to cause its own chaos, according to this report from Forbes. Windows users clearly haven't suffered enough and an estimated 15 million of them were locked out of their own passwords for nearly 18 hours from July 24 to July 25 due to "a change in product behavior" with Google Chrome.
Chrome's Password Manager — not a failsafe
Tired of clicking “Forgot password?” Use Google Password Manager to securely access passwords across iOS, Android and desktop. pic.twitter.com/02ERJtEpTNJuly 2, 2024
The specific problem affecting Windows users was with Google Password Manager. With Chrome boasting more than 3 million users, there are a hell of a lot of people reliant on this feature. I count myself among them, and I wouldn't be able to access many sites I use on a daily basis without Google Password Manager remembering all of my convoluted passwords.
The issue, limited at least somewhat to the M127 version of the Chrome browser on Windows, prevented users from accessing previously stored passwords and rendered new passwords completely invisible. While limited to this specific update, that's still a huge chunk of users, which Forbes predicts to have been around 15 million.
At the time, there was a workaround, but not one most end users would be comfortable implementing as it involved launching the browser with a command line flag. This issue, which has now been fixed, now simply requires a browser restart, but it took up to 18 hours to get fixed. Google extended its apologies to customers, saying “We apologize for the inconvenience this service disruption/outage may have caused.”
Rethinking my dependency on Google Chrome password manager
Thankfully, I wasn't one of the users affected by the error, but it has got me thinking; perhaps being solely reliant on Google Password Manager alone for pretty much every single website I use isn't the brightest idea. I've passwords for everything from work to government websites I use for childcare subsidies, all dependent on my belief that password manager will always 'just work'. I've used apps such as Keepass in the past, but Bitwarden is probably the most popular free encrypted password database right now, with paid options from Nordpass being even higher rated. Either way, if you are as dependent on a password manager as I am, it's probably best not to store everything in one and one alone, especially in this age of tech mishaps. Unfortunately, I can't just set my password as P@$$word for everything, so I'll be checking out our friends at Tech Radars' guide to the best password managers to choose a backup and advise you to do the same!
Get the Windows Central Newsletter
All the latest news, reviews, and guides for Windows and Xbox diehards.
Jen is a News Writer for Windows Central, focused on all things gaming and Microsoft. Anything slaying monsters with magical weapons will get a thumbs up such as Dark Souls, Dragon Age, Diablo, and Monster Hunter. When not playing games, she'll be watching a horror or trash reality TV show, she hasn't decided which of those categories the Kardashians fit into. You can follow Jen on Twitter @Jenbox360 for more Diablo fangirling and general moaning about British weather.
-
fjtorres5591 For online I use two different browsers and their password managers: Edge on Windows, Android, and Fire Tablet and Silk on Fire. And every few months I copy the updated passwords to an encrypted text file backed up in three places.Reply
For email, I use (at least) three addresses, one of which is for "free" online sites, one for ecommerce, and one (paid) for critical stuff.
(The recent wave of Amazon "Prime" scam emails stand out right away by arriving to the wrong address.)
I *never* use Google Chrome or search and Gmail only for google apps on phone.
I neither trust nor like Google.
Paranoia is a survival trait. -
Laura Knotek Chrome is my default browser, but I use Enpass as my password manager for all my devices.Reply -
adventurousAddition65 I use a self-hostet Vaultwarden instance wich can be used on basically all my devices and browsers. As a failsafe I also have simple but encrypted json backups on a separate (offline) device.Reply