What you need to know
- A bug in Chrome version 127 caused passwords to vanish for around 15 million Windows users. The issue lasted for nearly 18 hours before being fixed.
- Users had to use a command line flag as a temporary fix, but the final solution required just a browser restart (yes, turn it off and on again!).
- This incident highlights the risks of relying solely on browser-based password managers.
To put it bluntly, it's not been a great month for tech giants. Earlier this month, the CrowdStrike bug brought many businesses to a complete standstill and left millions facing the Blue Screen of Death, causing disruption many are still recovering from following postponed flights and surgeries, to name just a few inconveniences.
Well, not to be left out, Google had to cause its own chaos, according to this report from Forbes. Windows users clearly haven't suffered enough and an estimated 15 million of them were locked out of their own passwords for nearly 18 hours from July 24 to July 25 due to "a change in product behavior" with Google Chrome.
Chrome's Password Manager — not a failsafe
Tired of clicking “Forgot password?” Use Google Password Manager to securely access passwords across iOS, Android and desktop. pic.twitter.com/02ERJtEpTNJuly 2, 2024
The specific problem affecting Windows users was with Google Password Manager. With Chrome boasting more than 3 million users, there are a hell of a lot of people reliant on this feature. I count myself among them, and I wouldn't be able to access many sites I use on a daily basis without Google Password Manager remembering all of my convoluted passwords.
The issue, limited at least somewhat to the M127 version of the Chrome browser on Windows, prevented users from accessing previously stored passwords and rendered new passwords completely invisible. While limited to this specific update, that's still a huge chunk of users, which Forbes predicts to have been around 15 million.
At the time, there was a workaround, but not one most end users would be comfortable implementing as it involved launching the browser with a command line flag. This issue, which has now been fixed, now simply requires a browser restart, but it took up to 18 hours to get fixed. Google extended its apologies to customers, saying “We apologize for the inconvenience this service disruption/outage may have caused.”
Rethinking my dependency on Google Chrome password manager
Thankfully, I wasn't one of the users affected by the error, but it has got me thinking; perhaps being solely reliant on Google Password Manager alone for pretty much every single website I use isn't the brightest idea. I've passwords for everything from work to government websites I use for childcare subsidies, all dependent on my belief that password manager will always 'just work'. I've used apps such as Keepass in the past, but Bitwarden is probably the most popular free encrypted password database right now, with paid options from Nordpass being even higher rated. Either way, if you are as dependent on a password manager as I am, it's probably best not to store everything in one and one alone, especially in this age of tech mishaps. Unfortunately, I can't just set my password as P@$$word for everything, so I'll be checking out our friends at Tech Radars' guide to the best password managers to choose a backup and advise you to do the same!
