Then nothing can save you! If a system is compromised then whatever you do on the system is not safe.
I think you guys misunderstood my point.
System can get compromised even if one is safe and using only paid, highly known softwares. It is hard to do but there's still some chance. Coding and open source have become complex over the years. Even well known open source software or libraries are found to have malicious code in them. Your boss sends you an excel file with big vba code inside. And you have no option but to work it. Shit happens. My beef isn't with all that. I have problem with Microsoft's attitude of leaving everything out in the open. Providing all of the resources to all of the running programs is dangerous. I feel more comfortable running a shady program on my android mobile than on my computer because I know how good is android's sandboxing. It completely isolates the program. Why can't microsoft do it with their windows? It's very easy to do something malicious on windows. Takes only a few lines of codes. It's not the same on android. Why doesn't windows ask me before giving full permission of webcam and mic to the chrome? How can Edge easily see the history or passwords saved in chrome? Why can't windows block applications from peeping into each other?
We have to live in real world and it's not an ideal place to live. Anything can happen. You are driving down the road, minding your business, driving carefully. Still some drunken driver in his car crashes into you. It's not your fault. In such situation you do have basic safety like seat belt, airbags that can save you, don't you? Or do you say, hey somebody crashed into me, it's a game over and now I must die?
We get such safety on Android but why not on Windows? I hope you get my point.
KeePass is just one of the things which may be compromised.
I haven't fully read the article. I hadn't heard of this password manager before this thread. I thought it might be relevant so I shared.
Yup, you are right. Chrome asks for pc password, so if a pc is without a password then the access is granted.
Ok. I initially thought you were talking about google's password that's needed for syncing. But you are talking about having to use pc user's password to view passwords in chrome. On windows, yes chrome relies on windows encryption to save stuff. What google has done is that they have delegated the security to Microsoft. They have transferred the blame on the microsoft. If tomorrow, some big hacking happens, google's gonna point the finger at microsoft. At least they are doing something now. Few years ago, chrome was saving passwords in a plain text file.
Now, you might ask, hey at least now my passwords are safe right? Well, no! This windows encryption is practically useless. Anyone can bypass it super easily. If you have another user added on your system, go to their user directory. Windows will warn you hey this thing is encrypted, you don't permission and crap. You just have to press ok. It'll take a few seconds and voila that users directory is now unencrypted.
Use bitwarden as your password manager. It doesn't rely on windows for its security.