One day web developer Elliott Kember decided to switch from Safari to Chrome and in the process, discovered possibly a serious weakness with local password management in Chrome (http://blog.elliottkember.com/chromes-insane-password-security-strategy). The settings import tool forced the passwords to be always imported, which lead Kember to further investigate how the data can be accessed. For those who actually bother to look at the 'Saved passwords' page, it turns out that anyone with physical access can peek all the passwords in clear text very easily with a couple of mouse clicks. This spurred a lengthy discussion featuring Justin Schuh, the head of Chrome security (https://news.ycombinator.com/item?id=6166886), who says Kember is wrong and that this behavior of Chrome has been evaluated for years and is not going to change.

http://it.slashdot.org/story/13/08/07/1434231/chromes-insane-password-security-strategy