I'm assuming the threat is considered to be someone with local physical access to one's computer. Once you've entered your master password then an "attacker" only has to click the burger menu, then "logins" then they can enter a string from a website login URL, maybe "porn" and it would show the website's full domain, the username used, when the site was first and most-recently visited, and how many visits were made over time -- if it keeps bookmarks with all the info -- if you were using privacy mode to hide your tracks then it's not working there.
If you use Private Mode all the time then can't you just set the browser to act as if it were in private mode but with more fine-settings choice, that way you could have had password saving all along.
So, I'm still not really seeing the benefit.
That said, presumably the password db could have salted-hashes in in-place of domains/URLs for "privacy mode passwords" and then they'd be very hard to casually discover; that might be closer to user expectations.
If you use Private Mode all the time then can't you just set the browser to act as if it were in private mode but with more fine-settings choice, that way you could have had password saving all along.
So, I'm still not really seeing the benefit.
That said, presumably the password db could have salted-hashes in in-place of domains/URLs for "privacy mode passwords" and then they'd be very hard to casually discover; that might be closer to user expectations.