A few weeks ago, Google Chrome suddenly started to request my linkedin password from the keychain on startup, before any web page is loaded. Every time I open the browser window, after a few seconds, the following message pops up (I remove my email address from the image):
Even more annoyingly, once I click "Deny" the window closes only for a few seconds before re-appearing! In total I have to click away this message between 2 and 4 times every time I start the browser (the exact number differs between runs). Whether I try to use the browser or just let it sit idle seems to make no difference.
My questions:
-
Why is Google Chrome requesting this password and how can I make it stop doing so?
-
How could/should I debug issues like this myself?
Things I have tried unsuccessfully:
-
I have remove Google Chrome from the computer and deleted the directory
~/Library/Application Support/Google/Chrome. After re-downloading and re-installing Chrome the message reappears. Thus I believe the problem is not due to something contained in my configuration files. -
I synchronise my settings, bookmarks, etc. via the cloud storage tied to my Google account. Since the problem only appears on one of my computers, I don't think it has to do with my settings. To make sure I searched for "linkedin" in the "Bookmark Manager" and the "Cookies and site data" pane, but there are no hits.
-
I tried to visit
chrome://net-internals/#eventsquickly, so that I reach the events listing before the first keychain popup appears. Nothing linkedin-related shows in the list.
After this I couldn't think of anything else to try. Help would be much appreciated.
Best Answer
Google Chrome has the option of saving user credentials to web services. At first login, Chrome asks if credentials should be saved now, saved later, or never saved. Access to the credentials stored by Chrome, and control over these credentials, is found in the Chrome > Preferences > Settings > Show advanced settings... > Passwords and forms > Manage saved passwords link.
Unusual web service login requests that occur on application launch, or at odd times during a browsing session, can sometimes be traced to Chrome saved credentials. When these credentials also involve the user keychain, I suggest that the credentials be deleted from both the Chrome saved passwords list as well as from any associated keychain entries. There may be multiple keychain entries, too, which should be deleted.
Furthermore, if you sign into your Google account in Chrome to take advantage of the syncing functions, (which can be quite useful,) you have the option of saving and syncing passwords along with other elements. Depending on your level of paranoia, you may want to shut this down or never sign into your Google account.
Personally, I never save any credentials to financial or medical sites, nor do I save credentials to my school's file servers and web services.