Detailed analysis by Wladimir Palant on Chrome and Firefox Sync
TL;DR - Don’t use them
Google Chrome Sync
To give you an idea of what that means, I’ll again use the numbers from this article as a reference: with that iteration count, a single Nvidia GTX 1080 graphics card could turn out 3.2 million PBKDF2-HMAC-SHA1 hashes per second. That’s 3.2 million password guesses tested per second. 1.5 billion passwords known from various website leaks? Less than 8 minutes. A 40-bit password, which this article considers to be the average chosen by humans? That article probably overestimates humans’ capabilities for choosing good passwords, but on average that password will be guessed within two days as well.
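The arithmetic behind those two figures, as an added worked example (this is not code from the original analysis): it models an offline guessing attack against a client-side PBKDF2-derived key, using only the numbers quoted above (3.2 million guesses per second on one GTX 1080, 1.5 billion leaked passwords, a 40-bit password). The iteration count behind that benchmark is not stated on this page, so `BENCH_ITERATIONS = 1000` is an assumption introduced here purely to show how the guess rate scales when the iteration count changes; the `iterations_for_target` helper is likewise an addition, not something the article computes.

```python
"""Added example: offline-guessing cost model for a PBKDF2-derived key.

Figures taken from the text: 3.2e6 PBKDF2-HMAC-SHA1 guesses/s on one GTX
1080, 1.5e9 leaked passwords, a 40-bit password.  BENCH_ITERATIONS is an
assumption (the page does not state the benchmark's iteration count) and is
only used to show how the rate scales with the iteration count.
"""

from math import ceil

GUESSES_PER_SECOND = 3.2e6   # from the text: one GTX 1080, PBKDF2-HMAC-SHA1
LEAKED_PASSWORDS = 1.5e9     # from the text: passwords known from leaks
PASSWORD_BITS = 40           # from the text: assumed average human password
BENCH_ITERATIONS = 1000      # ASSUMPTION: iteration count of the benchmark
SECONDS_PER_DAY = 86_400
SECONDS_PER_YEAR = 365 * SECONDS_PER_DAY


def scaled_rate(rate, bench_iterations, iterations):
    """PBKDF2 cost is linear in the iteration count, so an attacker's guess
    rate at a different count is the benchmark rate times bench/iterations."""
    return rate * bench_iterations / iterations


def seconds_to_exhaust(candidates, rate=GUESSES_PER_SECOND):
    """Worst case for a dictionary attack: every candidate is tried once."""
    return candidates / rate


def expected_seconds_for_entropy(bits, rate=GUESSES_PER_SECOND):
    """Brute force of a uniformly chosen bits-bit secret succeeds, on
    average, after half of the 2**bits space has been tried."""
    return (2 ** bits) / 2 / rate


def iterations_for_target(bits, target_seconds, rate=GUESSES_PER_SECOND,
                          bench_iterations=BENCH_ITERATIONS):
    """Smallest iteration count at which the expected crack time of a
    bits-bit password on this hardware reaches target_seconds.  Expected
    time grows linearly with iterations, so solve
        expected(bench) * N / bench >= target  for N."""
    return ceil(bench_iterations * target_seconds
                / expected_seconds_for_entropy(bits, rate))


if __name__ == "__main__":
    leak = seconds_to_exhaust(LEAKED_PASSWORDS)
    print(f"1.5e9 leaked passwords, full run: {leak / 60:.1f} minutes")

    avg = expected_seconds_for_entropy(PASSWORD_BITS)
    print(f"40-bit password, expected: {avg / SECONDS_PER_DAY:.2f} days")

    # What would the same hardware manage at a much higher count?
    slow = scaled_rate(GUESSES_PER_SECOND, BENCH_ITERATIONS, 100_000)
    print(f"at 100k iterations (assumed scaling): {slow:,.0f} guesses/s, "
          f"40-bit expected {expected_seconds_for_entropy(PASSWORD_BITS, slow) / SECONDS_PER_DAY:.0f} days")

    n = iterations_for_target(PASSWORD_BITS, SECONDS_PER_YEAR)
    print(f"iterations needed to push a 40-bit password to one year: {n:,}")
```

Run stand-alone it reproduces the text's "under 8 minutes" and "about two days" figures; the last two lines are the added generalisation, showing that with a 40-bit password the only lever the service controls is the work factor, and that a linear increase in iterations buys only a linear increase in attacker time.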
The remarkable part of this story: Mozilla paid for a security audit of Firefox Accounts, and that audit pointed out the client-side key derivation as a key weakness. So Mozilla has been aware of this issue for at least 18 months, and 8 months ago they even published this information. What happened? Nothing so far; it seems the issue didn’t receive the necessary priority. This might have been partly due to the auditor misjudging the risk: