If you are like a lot of people, someone probably tricked you into using a password manager and you still haven’t listened to the advice. Now Chrome and Edge come to the rescue with strong password management built right into browsers.
Microsoft Thursday announced a new password generator for the recently released Edge 88. Users can use the generator when creating a new account or when changing an existing password. The generator offers a drop-down list in the password field. Clicking on the candidate selects him as a password and saves him in a password manager integrated in the browser. Users can then send the password to their other devices using the Edge Password Sync feature.
As I’ve explained for years, the same things that make passwords memorable and easy to use are the same things that make them easy for others to guess. Password generators are among the most secure sources of strong passwords. Rather than having to come up with a really unique and hard-to-guess password, users can instead ask a generator to do it right.
“Microsoft Edge offers a built-in strong password generator that you can use when creating a new account or changing an existing password,” Microsoft Edge team members wrote. “Just look for the browser suggested password drop-down menu in the password field, and once selected, it will be automatically saved in the browser and synced between devices for easy future use.”
Edge 88 also deploys a feature called Password Monitor. As the name suggests, it monitors saved passwords to make sure none of them are included in lists compiled from website compromises or phishing attacks. When enabled, Password Monitor alerts users when a password matches lists published online.
Checking passwords securely is a difficult task. The browser should be able to verify a password against a large, ever-changing list without sending sensitive information to Microsoft or information that could be sniffed by someone monitoring the connection between the user and Microsoft. In one support post also released Thursday, Microsoft explained exactly how this is done.
Not to be outdone, members of the Google Chrome team this week password protections revealed of their own. The main one is a more comprehensive password manager built into the browser.
“Chrome may already prompt you to update your saved passwords when you sign in to websites,” the Chrome team members wrote. “However, you may want to easily update multiple usernames and passwords, all in one convenient place. That’s why, starting with Chrome 88, you can manage all your passwords even faster and easier in Chrome’s settings on desktop and iOS (Chrome’s Android app will also receive this feature soon). “
Chrome 88 also makes it easier to check whether saved passwords have resulted in password flushes. As password auditing happened to Chrome Last year, the functionality is now accessible through a security check.
Many people are more comfortable with a dedicated password manager because they offer more features than those built into their browser. Most dedicated managers, for example, make it easy to use dice words in a secure manner. With the line between browsers and password managers starting to blur, it’s probably only a matter of time before browsers offer more advanced management capabilities.
This story originally appeared on Ars Technica.
More WIRED stories