Monday 20 February 2012

Google to get Chrome password generator.

Folks at Google are now toying with the idea of introducing a password generator on their Chrome browser, which would reduce the risk of losing one's details, and other private information to a weak password. While still in its conceptual stage, a blog post on Chromium projects reveals Google's game plan. Google plans to introduce a password generator for their widely used Chrome browser, which will give the users an option to use the password, which Chrome suggests, ideally would be a strong one - difficult to break into. The post, while describing this, states, "Chrome's long term solution to this problem is browser sign in plus OpenID. While implementing browser sign in is something that we can control, getting most sites on the internet to use OpenID will take a while. In the meantime it would be nice to have a way to achieve the same affect of having the browser control authentication. Currently you can mostly achieve this goal through Password Manager and Browser Sync, but users still know their passwords so they are still susceptible to phishing. By having Chrome generate passwords for users, we can remove this problem."


Google has outlined the design it has in mind for a set-up like this. To begin with, Google adds that the firsts of their challenges will be to determine when they're on a sign-in page, i.e. a page with account name field and two password fields. Once there, Google will introduce, what they call a "small UI element" the password field, which when clicked on will open a dialog box, asking the user, if they'd want Chrome to manage their password for them; if the user agrees, then Chrome opens up a small dialog box showing a random password. Google adds, "The reason we don't just choose a password for them is that many sites have requirements (e.g. must have one digit, must be alphanumeric, must be between 6 and 20 characters) some of which may be contradictory between sites. So we will choose a default generator that will work on most sites, but users may need to change our password if it doesn't work."

Another of Google's challenges will be when a user decides to change his or her password. In such cases, Google will have to determine, if a particular page is the one where a user can change their password. Google claims that this can be done by simply determining whether a user is currently logged into the site.

It will just be a matter of time before Google puts out its new password generator in use for users.

No comments:

Post a Comment