Chrome and Edge want to help solve your password problem
If you are like a lot of people, chances are that someone bothered you to use a password manager and you still didn’t respond to the advice. Now, Chrome and Edge are on the verge of the rescue with the enhanced password manager built right into the browsers.
Microsoft on Thursday Announce a new password generator For the recently released Edge 88. People can use the generator when registering for a new account or when changing an existing password. The generator provides a dropdown list in the password field. Clicking on the filter will mark it as a password and save it to the built-in password manager in the browser. People can then push the password to their other device using Edge’s password sync feature.
As I have explained for years, the same things that make passwords memorable and easy to use are the same things that make them easy for others to guess. Password generators are among the most secure sources of strong passwords. Instead of having to think of a password that’s really unique and hard to guess, users can instead get a creator to do it right.
Members of the Microsoft Edge team wrote: “Microsoft Edge offers a powerful built-in password generator that you can use when signing up for a new account or when changing an existing password.” “Simply look for the browser suggested password dropdown list in the password field, and when you select it, it will be automatically saved in the browser and sync across devices for easy use in the future.”
Edge 88 also introduces a feature called Password Monitor. As the name suggests, it monitors saved passwords to make sure none of them are included in the lists compiled from website hacking or phishing attacks. When turned on, Password Monitor alerts users when the password matches the lists posted on the Internet.
Verifying passwords securely is a difficult task. The browser needs to be able to verify the password against a large, always-changing list without sending sensitive information to Microsoft or information that could be sniffed out by someone monitoring the connection between the user and Microsoft.
at Attendant post Also posted on Thursday, Microsoft explained how to do this:
Symmetric encryption is a relatively new rudimentary encryption method that allows computing on encrypted data without first decrypting the data. For example, suppose we got two encrypted texts, one encrypted 5 and the other encrypted 7. Usually, it makes no sense to “add” these encoded texts together. However, if these encoded texts are encoded using homomorphic encoding, there is a general process to “add” these encoded texts and re-encode a value of 12, the sum of 5 and 7.
First, the client communicates with the server to obtain the H hash of the credentials, where H denotes the hash function that only the server knows. This is possible using a primitive encoder known as the Pseudo-random-Forgotten Function (OPRF). Because the server alone knows the H hash function, the client is prevented from carrying out an effective dictionary attack on the server, a type of brute-force attack that uses a wide range of possibilities to determine a password. The client then uses symmetric cipher to encode H (k) and send the resulting cipher-text encryption (H (k)) to the server. The server then evaluates a matching job on the encrypted credentials, and gets a result (true or false) encrypted under the same client key. The process for the matching function looks like this: computeMatch (Enc (k), D). The server forwards the encrypted result to the client who decodes it and gets the result.
In the framework above, the main challenge is to reduce the complexity of the computeMatch function in order to have good performance when this functionality is evaluated on encrypted data. We used many improvements to meet the needs of our users.
Not to be outdone by the Google Chrome team members this week Password protection detection Their own. The most important one is a full-featured password manager built into the browser.
“Chrome can actually prompt you to update saved passwords when you log in to websites,” the Chrome team members wrote. However, you may want to update multiple usernames and passwords easily and in one convenient place. That’s why, starting with Chrome 88, you can manage all your passwords faster and easier in Chrome settings on desktop and iOS (Chrome app for Android will get this feature soon too).
Chrome 88 also makes it easy to check if any saved passwords you end up with when empty passwords. While the password check came to Chrome last year, The feature can now be accessed using a security scan similar to the one shown below:
Many people feel more comfortable using a dedicated password manager because they offer more capabilities than those in their browser. Most dedicated managers, for example, make it easy to use Dice words In a safe way. As the line between browsers and password managers begins to blur, it is likely only a matter of time for browsers to introduce more advanced management capabilities.