Why doesn't Chrome OS show WiFi passwords?

[alexander taylor]

Chrome OS will not reveal a WiFi password after saving it (without going into developer mode [1]). It's been said that "To allow devices connected to a WiFi network to display the password would be a security issue." [2]

But can someone explain why this would be a security issue or explain more about the threat model?

It just doesn't make any sense to me. We have to assume it's the logged in user accessing the password if the Chromebook device is unlocked, and if the user typed the password into their computer in the first place then they very well might already know the password, so I don't see any harm in showing it in case they merely forgot what they entered earlier. All this limitation does is burden the user with saving a copy of the password elsewhere, I would argue.

Thanks for helping me understand. I like to think my operating system is rational :)

[1] https://www.androidauthority.com/how-to-find-wifi-password-on-chromebook-3342175/

[2] https://support.google.com/chromebook/thread/200605061/why-i-cant-see-that-wifi-password?hl=en

[alexander taylor]

Someone DM'ed me and saying they guessed it could be to minimize damage to a network if someone gets access to an unlocked device. I'm still curious as to whether that is the real reason. But in that case, even if they don't get my WiFi passwords, they could still install malicious certificate authorities and change my proxy/dns settings and bookmarks to spy on me or for a MitM attack, or other stuff like forwarding my gmail or downloading my data (thanks Chat GPT for the ideas). For me that would be worse than someone getting on any of my WiFi networks. I'm often just at a friend's house and trying to get internet from their guest network. But for others who have lots of important stuff on their WiFi, I guess it could be different.

I wish Chrome OS made it an option at the time of saving the password whether to allow showing it later, or offer to store a copy in Google Password Manager, or just allow showing any WiFi password after an OS password verification prompt. At the very least, even a reminder while joining the WiFi that the password won't be retrievable later would suffice so I'll remember to keep a copy in my password manager.