Linux – Gnome Keyring / Seahorse and why it’s storing the passwords in plaintext

firefoxgnomegoogle-chromelinuxpasswords

I'm using Fedora 22 with the Gnome environment (but I have i3 window manager too) and I get a great surprise when I have found the existence of a tool called Gnome Keyring, formerly know as Seahorse.

Full text:

I'm currently increasing my security using a password manager and two-factor authentication for everything, I also have disabled browser password managers and cleaned all my passwords from Chrome (Beta) and Firefox. My default browser is Chrome, but I don't use it anymore (just for Netflix and Hangouts), the browser I use today is Firefox.

I was really surprised when I discovered Gnome Keyring, a tool that I never heard about and that was saving all my passwords in PLAINTEXT without my consent.

TL;DR:

  • What is Gnome Keyring / Seahorse?
  • Why it's storing passwords in plain text, allowing anyone to see passwords?
  • How can I disable this from my computer? I never enabled that.

The most interesting question: why it's storing passwords without my consent?

Best Answer

What is Gnome Keyring

It's a password storage system – exactly like the one inside Chrome, and exactly like the one inside Firefox, except it's system-wide and it's encrypted by default.

This is in fact why Chrome uses it – Chrome's own password storage is not encrypted. GNOME Keyring is a system component, knows your login password, and can use it as the encryption key for everything else. Chrome is just an app and doesn't have any keys it could use.

In KDE, Chrome uses KWallet for the same purpose. (On Windows, I think it has its own database, but asks the OS to hold just the "master key".)

What about Firefox? Well, technically Firefox's password database is encrypted. However, the encryption key is stored in a file right next to the database meaning other programs can easily decrypt the passwords anyway. Without a system keyring, password storage is like writing the PIN code on your credit card.

Seahorse?

Seahorse is the management app for GNOME Keyring.

Why it's storing passwords in plain text,

It's not. On disk they are encrypted (using your Linux password). Of course they must be decrypted in memory, so that programs could use them. Chrome can't autofill a password unless it can access that password in plaintext.

(Note again that GNOME Keyring encrypts its password storage, but Chrome itself does not.)

allowing anyone to see passwords?

Do you give your Linux password to anyone? If not, then anyone cannot see the keyring contents without your login password.

How can I disable this from my computer?

You can start Chromium with the --password-store=basic option. Note that with this option you would lose any encryption you had. The passwords would be stored in a SQLite3 database ~/.config/chromium/Default/Login Data, in plain text.

The most interesting question: why it's storing passwords without my consent?

You gave your consent when Chrome asked "Do you want to save this password?" and you clicked "Save" in the popup. Whether the password is hidden inside Chrome's own database or a common system one is irrelevant.