I have an app which allows connections to multiple servers. At the moment I'm storing all connection details except the password using chrome.storage.sync.
Is it possible to store username/password combinations using the standard built-in password manager ?
Is it possible to store username/password combinations using the standard built-in password manager?
In short, no. There is no API to work with password storage of Chrome.
How to do authentication in a Chrome extension anyway? Here's an old question on this topic.
What changed since then is that Chrome has now a dedicated API for OAuth, chrome.identity, which provides a secure way of logging onto web services.
However, if you're looking to make something like a local password manager, then you cannot really protect against a malicious user. All storage you can access, and all encryption/decryption functions, are available for a user to inspect.
A server component that handles a certain decryption step is a good measure, but not always applicable.
Edit: as suggested by Vloz, a Native Client module that handles crypto functions is a good step to obfuscate data.
