Let's say, there are 2 browsers A and B with the same encrypted data:
{
hash_1: {
secret: <encrypted secret_1 with password_1>
}
}
Once the user changes password in A with password_2
, data on A is now:
{
hash_1: {
secret: <encrypted secret_1 with password_2>
}
}
Now we know account data with hash_1
on A is newer then B, so B's data with hash_1
will be overwritten by A, in another word, one day, data with hash_1
will also have secret encrypted with password_2
on B.
However, we know data sync with Chrome is not instantly, user possible add another account with hash_2
with the old password_1
on B, that is to say B is not synced with A in time, but another account is added. Now data on B is:
{
hash_1: {
secret: <encrypted secret_1 with password_1>
},
hash2: {
secret: <encrypted secret_2 with password_1>
}
}
We notice that data with hash_1
will be synced to A from B, and data with hash_2
will be synced to B from A, then both of A and B have such data:
{
hash_1: {
secret: <encrypted secret_1 with password_2>
},
hash_2: {
secret: <encrypted secret_2 with password_1>
}
}
We cannot handle multi-password currently, so the user will only see part of accounts with different passwords, and Export / Import, Security, Add account will never work.
We really need provide a method to allow users to fix their data then.