When I sniff it on you local network I can probably guess your username (helped by the 3 byte hash, to confirm),
and with my 2TB rainbow table your password is known in 0.5 seconds.
> When I sniff it on you local network I can probably guess your username (helped by the 3 byte hash, to confirm),
> and with my 2TB rainbow table your password is known in 0.5 seconds.
A rainbow table is only used when there is no salt in the hash. Also, if someone sniffs on your network (and can sniff on https requests), you got much bigger problems bud.
Edit: tho I'm not sure if chromium salts the password.
Then turn off password saving in chrome settings.
The password is hashed, it doesn't hurt.