So I am using Chrome in a corporate context. Outdated password regulations force me to increment my password every three months. The reason for that is well understood (PCI compliance), but can’t be changed from inside the corporation.
Previously, Chrome stored my passwords in the Apple Keychain. So I could script this, using /usr/bin/security and push my password change into all saved passwords, or, alternatively, bulk delete all those old passwords.
Recent Chrome does not do that any more.
Instead the Apple Keychain contains a master password and the Chrome store is implemented internally.
It has no scripting interface, so you have to use the UI.
The UI does not have a bulk search and delete interface. Instead, you have to go through all 300 individual *.companyname.com items, and individually select the three dots menu, navigate to Remove and select Remove. Thankfully, no confirmation requester.
You could select Details, but that’s that: No way to edit for you.
So here is what happens: I now have 300 autosaved outdated passwords in my Chrome password store. Each time I am going to a company website matching *.companyname.com, it will autocomplete wrongly. After 3 attempts, I will lock myself out.
I might remember that, and at some point in time many of those will be updated. Some sites which I am not using as often will still have the password of old. And there is no way to see.