Earlier this month, Chrome, Google’s browser brainchild, celebrated 10 years of existence. In honour of this anniversary, Google released a fresh new Chrome redesign, complete with some useful new features for users. One of the new elements in ‘Chrome 69’ is the introduction of a built-in password manager.
Password managers allow you to store the entirety of your login details (usernames and passwords) in one secure location. These are ultra-secure entities that make it far easier for you to use completely different passwords for every site or service you log into. Without a password manager, it’s far too easy to end up using the same password over and over, making all of your personal data incredibly vulnerable to a hacker. What’s more---a password you remember on your own is more likely to be a short and simple one. Yet the strongest passwords are those which are longer, more complex, and contain a variety of randomised numbers, letters, and symbols. Even those of us with the keenest memories will find remembering a myriad of passwords to be a major challenge.
That’s where a password manager comes in. Not only does it securely store all of your unique passwords, retrieving for you when you need to use them, it can also generate random, complicated new passwords with the touch of a button. With strong encryption, password managers can also serve to store other essential online info, such as credit card numbers and their three-digit codes, PINs, and answers to security questions.
The password manager does the hard work for you. All you need to remember is a single password which will unlock your overall password vault. Such a tool is definitely advantageous in today’s online world, when nearly everything we use requires a username and password.
There’s no doubt that Chrome is an excellent browser with a lot of great features. But how will it stack up as a password manager? Would you opt to use it for your password storage---and should you?
How the Chrome Password Manager Works
Chrome’s new password manager will work just like other password managers, but ostensibly it will operate more seamlessly as it is part of the browser itself. Currently, you can use other password managers, such as LastPass, as Chrome extensions, which function smoothly as well. It will be interesting to see if Chrome’s own password manager nudges these other tools out of popularity.
Google has allowed for password storage in the past, via SmartLock, but with this new password manager addition, you can depend on stronger, multiple layers of security, plus syncing of passwords across your devices via your Google account.
Here’s how the Chrome password manager will work. When you’re opening an account on a new site you may be prompted to create a username and a password. After selecting your own username (that’s still up to you) when prompted to create a password, Chrome will automatically generate one for you. To use the Chrome-generated option, click ‘Use Suggested Password’ which will appear. And don’t worry, these passwords are designed to meet the requirements of each site, including, as required, a capital letter, lowercase letters, at least one number, and a symbol.
When visiting a site you’ve previously created login details for, Chrome’s password manager can swiftly retrieve them and fill in the fields. This makes logging in a one-step process, and for sites you visit regularly, it can increase your efficiency while also granting you better security.
If you need to access your ‘master list’ of passwords, you can do so by navigating to passwords.google.com. You will need to enter your master password to access these, but once inside the vault you can find and search the login details for any of your saved sites.
Does this Meet Password Best Practices?
The password manager by Chrome may be simple and straightforward to use---especially because it is integrated right into the browser---but is this the best choice for your password security? One university professor and security researcher reminds us that “password managers are not a magic pill.” But he says they fit the bill for most users when it comes to a “combination of security and convenience.” He also goes onto say that “everyone should be using one.”
But to maximise security it will be important to put additional safeguards in place, including 2-factor authentication. Yet the convenience of the Chrome password manager may influence us to bypass some of these safeguards. When we are prompted to “remember me on this device” for instance, we’re likely to click Yes. But for the most stringent security, we may need to bypass these options and do a bit of extra legwork each time we log in.
There are some downsides to using Chrome’s password manager. At the moment, the tool does not integrate directly with your mobile apps. For instance, if you log into Netflix on your mobile device, you won’t have your saved password automatically filled. This could prove inconvenient, especially if you’ve used the password manager to generate a complicated, lengthy password that you have not memorised. For now, it may be more beneficial to stick with an independent password manager. Many of these, especially the well-known and trusted brands such as 1Password, Dashlane, KeePass or LastPass, can integrate smoothly across your devices, working with both your desktop browsers and mobile apps. There’s also a certain peace of mind that comes from using a separate password storage manager.
Ultimately, however, the best practice is to choose the tool that best fits your personal preferences. The one that you find easiest to use is the one you’re most likely to stick with, giving you that extra edge of security with your login details.
What do you think? Would you try the Google Chrome password manager? Do you have another manager you prefer?