Google Working On Password Generator For Chrome 175
Trailrunner7 writes "Google is in the process of developing a tool to help users generate strong passwords for the various and sundry Web sites for which they need to register and authenticate. The password-generator is meant to serve as an interim solution for users while Google and other companies continue to work on widespread deployment of the OpenID standard. The tool Google engineers are working on is a fairly simple one. For people who are using the Chrome browser, whenever a site presents them with a field that requires creating a password, Chrome will display a small key icon, letting the users know that they could allow Chrome to generate a password for them."
OpenID (Score:5, Informative)
So you can safely ignore the naysayers who claim OpenID is dead and there wasn't any takeup. It's huge, it just didn't take the form most people imagined.
Already Exists: http://passwordmaker.org/ (Score:5, Informative)
Already Exists: http://passwordmaker.org/ [passwordmaker.org]
Google Chrome: http://passwordmaker.org/Google_Chrome [passwordmaker.org]
Re:What could go wrong? (Score:5, Informative)
Google is the only holdout on Do Not Track. Every other major browser vendor has adopted.
Really?
Perhaps you should have Googled it before shooting your mouth off...
Google Releases “Do Not Track” Extension for Chrome
Google is announcing that they have released a “Do Not Track” extension for Chrome called Keep My Opt-Outs that blocks advertisements that are based on browser history. It hasn’t been made mandatory by any governments yet, but it’s been clear that ever since the Wall Street Journal’s series on how advertisers track user information on the web that this was going to happen.
Already the Chrome team has been testing an experimental feature that allows you to block all new third party cookies from being set. These pieces of information can travel with you and record information about your habits on the web. They are also useful for saving other information such as preferences and login information, but the marketing opportunities that can be taken advantage of with cookies is enough to make some people want to turn them off.
This extension solves that, as Google believes this is the correct way to ward of ad tracking.
http://www.thechromesource.com/google-releases-do-not-track-extension-for-chrome/ [thechromesource.com]
Re:What could go wrong? (Score:4, Informative)
OpenID wasn't created by nor owned by google. It was created by LiveJournal and "run" by a bunch of different people/companies: yahoo, microsoft, symantec, paypal, facebook and so on. It has also been available for years before google jumped in. There are many ways to authenticate as well, not just single password logins.
Here is an official list of recommended providers: http://openid.net/get-an-openid/ [openid.net]
Re:xkcd (Score:4, Informative)
It's not only about having more entropy. As the top half of the comic suggest, Joe User who is new at managing passwords may have a hard time remembering "Tr0ub4dor!", and that may lead to less security if he resorts to guessable passwords or the dreaded Post-It.
Then comes the nasty issue of restrictions - "must be between 8 and 15 characters, with mixed case, at least one number and one symbol" (I kid you not). They're practically telling you to use 1-2 common words in l33tsp34k. There are ways around that: e.g., take the first two letters of your passphrase and "scramble" that in a compatible but consistent manner: "correcthorsebatterystaple" --> "C0h0b45t!". Don't try (too hard) to show the admin the error in his ways.