Chrome Team Working On Browser-Based Password Picking

In the future, you may never have to pick a password again, as Google's Chrome may not only come up with the passwords you use, but also change them if it feels your accounts have been hacked. The Google Chrome team is working on an interesting feature for upcoming versions of Chrome, namely automatic password generation. Not the bland password generation that's been a feature of many applications for years — this would involve Chrome itself picking the passwords, and, where it felt it was necessary, changing them. You'd never even know what they were.

The Chromium development pages have the details of Chrome's current work towards such a goal, noting that while the long-term goal is a single browser sign-in along with OpenID, that's some years away. The idea with a Chrome-generated password is that because you don't know it, phishing attempts can't work on you. It's logical enough to a certain extent, but does face some problems; the site notes that detecting login pages can be tricky, and any site that doesn't accept autocompletes — most banking sites shouldn't, for example — won't work with the currently mooted approach.

What do you think? Would you be happy handing over complete control of your passwords to your browser? [Chromium Project via Wired]


    The only people I trust with my passwords are myself and my partner, and even then she doesn't know all of them.

    It's really not that difficult to create and remember passwords. That said, as a Network Admin I have to deal with the "I've forgotten my password" call far too often every month...

      Rich, spot on.

      I take responsibility for keeping my passwords secure myself. They stay with me.

    I would be happy to let chrome do this for some websites. I'd never trust it for websites like pay pal that have access to my credit card or banking information.

    I'm not sure if I like it automatically changing my password for me... Other than that, most of this functionality is covered by extensions like LastPass.

    don't understand why there's no option to just have a log-in and password to chrome (or whatever browser) itself, with a firewall between users, usable from wherever you log-in to that browser account. that way you only ever need the one password...meh, i'm not a techie...

    Ok, so I'm not on my home pc where Chrome generated all those passwords. How do I access those sites from another machine which doesn't have Chrome installed?

    I wouldn't trust it anyway.

      That's the genius of it, Matt. How *would* you access all those accounts from another device?

      Ooh, let me think... why, that sounds exactly like a problem that could be solved by The Cloud!

      And if that sounds like the most insidious route to global personal ID that you've ever heard, just remember: it keeps the internet safe, it keeps dissidents accountable and it probably stops 1% of credit card fraud right in its tracks!

      Said Cloud Provider then keeps all your passwords safe (even from you) and may even conveniently log in as you to various websites, to help you "search all your stuff from one place".

Join the discussion!

Trending Stories Right Now