Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(34)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 1846623002: Remove password-manager-reauthentication flag (Closed)

Created:
4 years, 8 months ago by vabr (Chromium)
Modified:
3 years, 10 months ago
CC:
chromium-reviews, dbeam+watch-options_chromium.org, extensions-reviews_chromium.org, michaelpg+watch-options_chromium.org, vabr+watchlistpasswordmanager_chromium.org, michaelpg+watch-md-settings_chromium.org, tnagel+watch_chromium.org, michaelpg+watch-md-ui_chromium.org, arv+watch_chromium.org, asvitkine+watch_chromium.org, chromium-apps-reviews_chromium.org, gcasto+watchlist_chromium.org, stevenjb+watch-md-settings_chromium.org, dbeam+watch-settings_chromium.org, mkwst+watchlist-passwords_chromium.org
Base URL:
https://chromium.googlesource.com/chromium/src.git@master
Target Ref:
refs/pending/heads/master
Project:
chromium
Visibility:
Public.

Description

Remove password-manager-reauthentication flag The flag allowed to switch off reauthentication before viewing passwords on Mac and Win, a feature which has been launched two years ago. Together with removing the flag, also the preference password_manager_allow_show_passwords is removed -- it had no effect unless the password-manager-reauthentication flag was set. After this CL, Chrome on Mac or Win will not put passwords inside about:settings/passwords unless the user reauthenticated. BUG=598698 Committed: https://crrev.com/f639489fe56fd214f2584a71a90d36b30bdfb33c Cr-Commit-Position: refs/heads/master@{#384601}

Patch Set 1 #

Patch Set 2 : Fixed JSON issues #

Patch Set 3 : Just rebased #

Total comments: 8

Patch Set 4 : Comments addressed #

Total comments: 2

Patch Set 5 : Deprecated: true #

Patch Set 6 : Just rebased #

Unified diffs Side-by-side diffs Delta from patch set Stats (+36 lines, -124 lines) Patch
M chrome/app/generated_resources.grd View 1 2 3 4 5 1 chunk +0 lines, -6 lines 0 comments Download
M chrome/browser/about_flags.cc View 1 2 3 4 5 1 chunk +0 lines, -5 lines 0 comments Download
M chrome/browser/android/password_ui_view_android.h View 1 2 3 1 chunk +2 lines, -2 lines 0 comments Download
M chrome/browser/android/password_ui_view_android.cc View 1 chunk +1 line, -3 lines 0 comments Download
M chrome/browser/extensions/api/passwords_private/passwords_private_delegate_impl.h View 1 chunk +2 lines, -3 lines 0 comments Download
M chrome/browser/extensions/api/passwords_private/passwords_private_delegate_impl.cc View 1 chunk +1 line, -2 lines 0 comments Download
M chrome/browser/extensions/api/settings_private/prefs_util.cc View 1 2 3 4 5 1 chunk +0 lines, -2 lines 0 comments Download
M chrome/browser/policy/configuration_policy_handler_list_factory.cc View 1 chunk +0 lines, -3 lines 0 comments Download
M chrome/browser/resources/options/password_manager_list.js View 1 2 1 chunk +0 lines, -3 lines 0 comments Download
M chrome/browser/resources/settings/passwords_and_forms_page/passwords_and_forms_page.html View 1 2 1 chunk +1 line, -3 lines 0 comments Download
M chrome/browser/ui/passwords/password_manager_presenter.h View 1 2 3 4 5 1 chunk +0 lines, -7 lines 0 comments Download
M chrome/browser/ui/passwords/password_manager_presenter.cc View 1 2 3 4 5 4 chunks +3 lines, -30 lines 0 comments Download
M chrome/browser/ui/passwords/password_manager_presenter_unittest.cc View 1 2 3 4 5 5 chunks +10 lines, -19 lines 0 comments Download
M chrome/browser/ui/passwords/password_ui_view.h View 1 chunk +1 line, -2 lines 0 comments Download
M chrome/browser/ui/webui/options/password_manager_handler.h View 1 2 3 1 chunk +2 lines, -2 lines 0 comments Download
M chrome/browser/ui/webui/options/password_manager_handler.cc View 1 2 2 chunks +5 lines, -10 lines 0 comments Download
M chrome/common/chrome_switches.cc View 1 2 3 4 5 1 chunk +0 lines, -5 lines 0 comments Download
M chrome/test/data/policy/policy_test_cases.json View 1 1 chunk +1 line, -5 lines 0 comments Download
M components/password_manager/core/browser/password_manager.cc View 1 chunk +0 lines, -2 lines 0 comments Download
M components/password_manager/core/common/password_manager_pref_names.h View 1 chunk +0 lines, -4 lines 0 comments Download
M components/password_manager/core/common/password_manager_pref_names.cc View 1 chunk +0 lines, -2 lines 0 comments Download
M components/policy/resources/policy_templates.json View 1 2 3 4 2 chunks +7 lines, -4 lines 0 comments Download

Messages

Total messages: 26 (10 generated)
vabr (Chromium)
Hello reviewers! Please review the following: @bartfab components/policy/resources/policy_templates.json chrome/test/data/policy/policy_test_cases.json chrome/browser/policy/configuration_policy_handler_list_factory.cc @vasilii chrome/browser/ui/passwords/* components/password_manager/core/* chrome/browser/about_flags.cc chrome/common/chrome_switches.cc ...
4 years, 8 months ago (2016-03-31 13:57:57 UTC) #2
Bernhard Bauer
LGTM w/ nits: https://codereview.chromium.org/1846623002/diff/40001/chrome/browser/android/password_ui_view_android.h File chrome/browser/android/password_ui_view_android.h (right): https://codereview.chromium.org/1846623002/diff/40001/chrome/browser/android/password_ui_view_android.h#newcode37 chrome/browser/android/password_ui_view_android.h:37: password_list) override; Ick. I would probably ...
4 years, 8 months ago (2016-03-31 14:34:27 UTC) #3
Finnur
chrome/browser/extensions/api/* LGTM
4 years, 8 months ago (2016-03-31 15:08:10 UTC) #4
vasilii
https://codereview.chromium.org/1846623002/diff/40001/chrome/browser/about_flags.cc File chrome/browser/about_flags.cc (left): https://codereview.chromium.org/1846623002/diff/40001/chrome/browser/about_flags.cc#oldcode926 chrome/browser/about_flags.cc:926: IDS_FLAGS_PASSWORD_MANAGER_REAUTHENTICATION_DESCRIPTION, kOsMac | kOsWin, The strings are to be ...
4 years, 8 months ago (2016-03-31 15:34:38 UTC) #5
vabr (Chromium)
Thanks for the reviews so far! Vasilii (and Bernhard), please have a look at how ...
4 years, 8 months ago (2016-03-31 15:47:20 UTC) #6
vasilii
lgtm
4 years, 8 months ago (2016-03-31 15:55:59 UTC) #7
commit-bot: I haz the power
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1846623002/60001 View timeline at https://chromium-cq-status.appspot.com/patch-timeline/1846623002/60001
4 years, 8 months ago (2016-03-31 16:00:30 UTC) #9
commit-bot: I haz the power
Dry run: This issue passed the CQ dry run.
4 years, 8 months ago (2016-03-31 16:58:13 UTC) #11
bartfab (slow)
Policy lgtm https://codereview.chromium.org/1846623002/diff/60001/components/policy/resources/policy_templates.json File components/policy/resources/policy_templates.json (right): https://codereview.chromium.org/1846623002/diff/60001/components/policy/resources/policy_templates.json#newcode1195 components/policy/resources/policy_templates.json:1195: 'example_value': False, Nit: Please add: 'deprecated': True,
4 years, 8 months ago (2016-04-01 14:54:16 UTC) #12
vabr (Chromium)
Thanks! https://codereview.chromium.org/1846623002/diff/60001/components/policy/resources/policy_templates.json File components/policy/resources/policy_templates.json (right): https://codereview.chromium.org/1846623002/diff/60001/components/policy/resources/policy_templates.json#newcode1195 components/policy/resources/policy_templates.json:1195: 'example_value': False, On 2016/04/01 14:54:16, bartfab (slow) wrote: ...
4 years, 8 months ago (2016-04-01 14:59:01 UTC) #13
commit-bot: I haz the power
COMMIT=false detected. CQ is abandoning the patch.
4 years, 8 months ago (2016-04-01 14:59:30 UTC) #17
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1846623002/100001 View timeline at https://chromium-cq-status.appspot.com/patch-timeline/1846623002/100001
4 years, 8 months ago (2016-04-01 15:00:11 UTC) #20
commit-bot: I haz the power
Committed patchset #6 (id:100001)
4 years, 8 months ago (2016-04-01 16:21:46 UTC) #22
commit-bot: I haz the power
Patchset 6 (id:??) landed as https://crrev.com/f639489fe56fd214f2584a71a90d36b30bdfb33c Cr-Commit-Position: refs/heads/master@{#384601}
4 years, 8 months ago (2016-04-01 16:23:34 UTC) #24
Will Harris
hmm sorry I did not see this until now. Removing this switch removes a failsafe ...
3 years, 11 months ago (2017-01-24 17:20:36 UTC) #25
vabr (Chromium)
3 years, 10 months ago (2017-01-27 20:45:23 UTC) #26
Message was sent while issue was closed. 
On 2017/01/24 17:20:36, Will Harris wrote:
> hmm sorry I did not see this until now. Removing this switch removes a
failsafe
> case for those users who are currently unable to use reauthentication due to
> outstanding bugs e.g. 347825.
> 
> but I suppose it's a bit late now to put this back in?

Removing the escape hatch is an unfortunate effect. But at the same time, if the
feature is aimed at protecting the privacy against casual snoopers, having a
flag to disable it renders it useless enough to discard completely, IMO.

Reintroducing the flag will not prevent disruption given its absence for several
months. It might make the disruption shorter, but it also can just decrease the
urgency and put this issue in an indefinite limbo. I don't want the flag to
become a de facto user interface for password manager.

We have a couple of options:

* Ideally if we could figure out what the problem is in cases when the users are
unable to unlock the settings, we can just fix it.

* Or if we can at least detect a class of problematic Windows instances, we
might consider disabling this feature for those. Especially if these are likely
enterprise instances. We would need to consult the privacy team once we know
which class of instances this could be.

* Or we can actually allow the user to switch the guard off, but with a time
delay: "Check this check-box to allow viewing passwords without prompt, starting
in 24 hours" and possibly a running notification: "Passwords viewable without a
prompt in 17 hours. Click this button to cancel." This crude version is likely
impossible to get a UI approval for, but perhaps we could tweak it to be more
palatable.

(* My favourite would be to ditch the reauthentication completely, given its
dubious value with false expectations of protection. But this has been decided
in the past, and the public was apparently furious about it missing on Mac and
Win.)

I'm happy to talk more, with the caveat that I'm working only one day a week
until mid February. During my absence sabineb@, our PM, is a good person to talk
to about this.

Cheers,
Vaclav

Powered by Google App Engine
This is Rietveld 408576698