So I was trying to summarize the linked article to my wife in an easy to understand way, making sure she doesn't let Google Chrome save passwords on her workstation at work, since the vulnerability could potentially exploit saved logins across devices. She says, no never, I always tell Chrome no when it asks to save passwords. She goes on to say, I keep all my passwords and usernames in an Excel file on my computer [workstation]. Me: Is this Excel file encrypted? Her: no, why would it need to be? After suppressing the urge to emit a primal scream, I tactfully and nicely convinced her to delete it and clear the recycle bin, change all the passwords (including to our online banking which she accesses from work). And gently told her not to warehouse login info that way anymore.
I'm going to see if she can setup a password keeper like Last Pass on her workstation. Unencrypted excel file. Holy hacker heaven, Batman !!!