After the release of Google Chrome 142, some users have reported that the browser extension no longer connects to their Team Password Manager installation, even though the website itself still works normally.
Note that this only happens with Team Password Manager installations in local/private networks. Installations in public domains are not affected.
If this happened to you, here’s what’s going on and how to fix it.
What changed in Chrome 142
Starting with version 142, Google introduced a new security feature called Local Network Access (LNA). This feature limits when websites and extensions can reach devices or servers on your local network. For example, servers at addresses like 192.168.x.x, 10.x.x.x, or *.local.
The goal is to protect users from malicious sites that might try to scan or access resources on private networks.
How it affects the Team Password Manager Chrome Extension
The Team Password Manager Browser Extension communicates with your Team Password Manager installation through its URL, the same address you use to access Team Password Manager in your browser.
Here’s what now happens under Chrome 142:
| Team Password Manager installation location | Example URL | Result in Chrome 142+ |
|---|---|---|
| Public domain | https://tpm.company.com | Works normally |
| Local/private network | https://192.168.1.48 or https://tpm.local | Extension may fail to connect |
| Localhost | https://localhost | Works (special exemption) |
The Team Password Manager web app itself keeps working and you can open it and log in. But the extension fails to connect because Chrome now blocks extensions (which are seen as public origins) from talking to private network resources.
If you're connecting automatically, you'll see that the extension is not connected. If you're connecting manually you'll see this error: Error connecting the extension to Team Password Manager: undefined.
Why This Happens
Chrome classifies network origins into three categories:
- Public: internet domains (like tpm.mycompany.com).
- Private: LAN hosts (192.168.x.x, 10.x.x.x, .local).
- Loopback: localhost and 127.0.0.1.
Requests from public origins to private ones are now restricted. And Chrome treats chrome-extension:// origins (like Team Password Manager's extension) as public.
So even if your browser can open https://192.168.1.48, the extension can’t, because Chrome thinks it’s a public → private request and blocks it.
The solution
In order to allow Team Password Manager Chrome Extension to connect to a Team Password Manager installation in a local/private network, you need to do this:
- Open this URL in Chrome:
chrome://extensions - Look for the Team Password Manager extension and click on "Details".
- Click on "Site settings".
- Set "Local network access" to "Allow":
From now on, the extension should be able to connect normally, whether you connect automatically or manually.
Https and self-signed certificates
Even with Local Network Access = Allow, Chrome still requires a valid TLS certificate for Https connections to installations in local/private networks.
If your Team Password Manager server uses a self-signed certificate, Chrome’s extension context will refuse to connect, because:
- The certificate authority isn’t trusted, and
- Extensions can’t display or bypass certificate warnings.
So:
- Http (http://192.168.x.x) → works (no TLS check)
- Https with valid/trusted certificate → works
- Https with self-signed certificate → fails (the extension can’t override the warning)
Solutions:
- Use a certificate from a trusted CA (Let’s Encrypt or your corporate CA).
- Import your internal CA into Chrome’s trust store on each workstation.
- For testing only, access via Http inside your LAN.
For Administrators: enforcing “Allow” via Group Policy Object (GPO)
Enterprise administrators deploying the Team Password Manager Chrome Extension via GPO can use this registry key to force the Local Network Access = Allow setting to clients:
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\LocalNetworkAccessAllowedForUrls
Using this string value (1, 2, 3, ...) for the Team Password Manager Chrome Extension:
1 = chrome-extension://gplomcegacfeolmacnhpopbindboipfl
This policy ensures that all managed Chrome installations allow the Team Password Manager Chrome Extension to communicate with local/private network Team Password Manager servers without requiring each user to adjust their settings manually.
