Hey, +Google Chrome
: I spoke to someone today who was surprised and upset to learn that Chrome sent all their remembered passwords to Google's servers. While I think a good chunk of responsibility lies with the user for not paying attention when he signed in to Chrome (he says he thought he was signing into GMail), he does have a point: passwords are not explicitly
mentioned on the Chrome sign-in page or the pop-up box after sign-in is complete (see the attached photo that he created).
Password data is too important not to mention explicitly in order to avoid user confusion. A simple solution would be for the Chrome sign-in page to say, "Sign in to get your bookmarks, history, passwords, and settings on all your devices. Learn more."
Additionally, it wouldn't hurt for the "Choose what to sync" option to be checked by default - again, to minimize the potential for a user to be surprised by what data is synced. It might also help to make the font the same size as the sentence above the sign-in box.
cc: +Sundar Pichai +Andrea Mesterhazy +Sarah Morales