[joelthelion]

You guys are giving administrators way too much power without any good reasons.

I realize that if they really wanted, they could give up on Chrome and use something else, but for many of them, they will simply lock everything down out of laziness and probably wouldn't without a convenient way of doing so.

An example out of many: why give admins a simple way to disable the built-in password manager? This just enables dumb and archaic password policies for no good reason.

[tremon]

As to your last question, many organizations have a central password management system that lets them audit who uses which password and when. Having the passwords stored in a secondary system makes the audits useless.

[marwis]

Except when they don't have such central password management system yet still block them. Which is what I saw in most large organizations.

[Nextgrid]

Anyone wanting to evade such audits can just write down the password somewhere else such as a piece of paper.