How to Recover Saved Passwords in Google Chrome
This research article shows you all password secrets of Chrome browser including where all your website passwords are stored, how it is stored and how to recover it automatically.
Chrome Password Secrets
Chrome browser stores all your website login passwords in the “Login Data” file at following location
[Windows Vista/7/8/10] C:\Users\[user_name]\AppData\Local\Google\Chrome\User Data\Default\ [Windows XP/2003] C:\Documents and Settings\[user_name]\Local Settings\Application Data\Google\Chrome\User Data\Default\
This “Login Data” file is stored in SQLite database format. It contains database table called “logins” where each website login details are stored.
Here are some of the interesting fields stored in this table,
origin_url - main link of the website action_url - login link of the website username_element - name of the username field in the website username_value - username used for login password_element - name of the password field in the website password_value - password used for login (encrypted) date_created - date when it is stored times_used - how many times this password is used blacklisted_by_user - set to 1 means password is never stored
Here action_url, username_value and password_value refers to website login link, username and encrypted password respectively.
Based on Chrome version, different password encryption technique is used as explained below.
Chrome v80.0 and higher
New Chrome version (v80.0 & higher) uses Master Key based encryption to store your web login passwords.
Here is how it generates the Master Key. First 32-byte random data is generated. Then it is encrypted using Windows DPAPI (“CryptProtectData”) function. To this encrypted key, it inserts signature “DPAPI” in the beginning for identification.
Finally this key is encoded using Base64 and stored in “Local State” file in above “User Data” folder.
Below is the sample entry of encrypted master key.
"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEA0RGbegD...opsxEv3TKNqz0gyhAcq+nAq0"},
Now to store the web login password, Chrome encrypts it using AES-256-GCM algorithm with the above master key and 12-byte random IV data. Finally, it inserts signature “v10” to the encrypted password and stores it in above “Login Data” file.
Below is the structure of new encrypted password,
struct WebPassword { BYTE signature[3] = "v10"; BYTE iv[12]; BYTE encPassword[...] }
Chrome v79.0 and older
Older version of Chrome encrypts the website password using Windows DPAPI (“CryptProtectData”) function and stores the encrypted password in above “Login Data” file.
Both Chrome versions uses DPAPI functions to perform encryption of password using user and machine specific data. As a result encrypted password cannot be decrypted by another user or on another computer.
For 100% Password Recovery from External Drive, Download
How to Decrypt Chrome Passwords
Chrome version (v79.0 or earlier) used Windows DPAPI function, CryptProtectData to encrypt the website password. We can decrypt this password using the function called CryptUnprotectData.
Here is the sample C++ program to decrypt the Chrome website password.
void DecryptPassword(char *passData, int passLen, char *password, int length) { DATA_BLOB DataPassword; DATA_BLOB DataOutput; DataPassword.cbData = passLen; DataPassword.pbData = (BYTE *) passData; if( CryptUnprotectData(&DataPassword, NULL, 0, 0, 0, 0, &DataOutput) == FALSE ) { printf("CryptUnprotectData failed with error 0x%.8x", GetLastError()); return; } memcpy(password, DataOutput.pbData, DataOutput.cbData); password[DataOutput.cbData] = 0; printf("Successfully Decrypted Password is %s ", password); }
How to Recover Chrome Passwords Automatically
Here is simple way to recover all your Chrome website passwords without worrying about where it is stored and how to decrypt it.
You can use our XenArmor Browser Password Recovery Pro software to instantly & easily recover all your saved website login passwords from Chrome as shown in video below,
Here are the simple steps to recover all your saved passwords,
- Step 1: Download & Install Browser Password Pro from here
- Step 2: Next launch the software on your computer
- Step 3: It will automatically discover, decrypt and display all the saved Chrome passwords as shown below
For more details, please refer to Online User Guide
Hope this article has helped you to understand the password secrets of Google Chrome browser.
Let us know what do you think. Please comment below if you have any queries or suggestions.
Recommended Posts
How to Recover Remote Desktop Password from UltraVNC
November 16, 2019
How to Recover Remote Desktop Password from RealVNC
November 16, 2019