Ask HN: Why does Google thinks it's okay to store users plain text passwords?
So I was just in the process of handling the aftermath of the theft of one of my relative's phone. Not a tech-savvy person, I'd say they're more or less as knowledgeable as the average Google user.
When checking what could be blocked from their google account, I realized that 60 of their saved passwords/mails were available in plain text when connecting to their google account from a new laptop(with no other input than mail and password), it's even exportable to a nice csv. This apparently seems to be default behavior.
Isn't that insane?
Am I naive to just realize that this is apparently normal to have this kind of stupid design from a trillion dollar tech company?
Is there any sane way of explaining why anyone could have thought that this was an acceptable idea?
6 comments
[ 2.7 ms ] story [ 22.8 ms ] threadPasskeys are more secure than passwords so hopefully the world migrates to that over time.
> Am I naive to just now realize this
We'll give you three guesses and the first two don't count.