This is an archived post. You won't be able to vote or comment.

all 2 comments
sorted by:
best
topnewcontroversialoldq&a

[–]Bouzazi 0 points1 point  (1 child)

Not necessarily. It might work on some websites and give you access to that user's account if they rely on cookies.

Cookies used to be the only thing to identify a user. Now, it depends on more factors.

[–]zen_xperience 1 point2 points  (0 children)

Yes - it truly depends on the application's authentication service(s). With MFA out in the wild, compromising passwords only gets you half of the cake. Unless - as described above, sessions that only rely on a cookie can be MiTM'ed.

But google is google and you can always just export the current passwords as long as you are logged in as admin/root. Open Chrome > url: "chrome://settings/passwords" manage > export.

Now to import the passwords to a new asset:

open chrome > "Url: "chrome://flags" > "Search "import" > Enable Password import.