A new Chromebook feature is in the works to show a password strength indicator. It’s a work in progress so you won’t see it yet. The password strength indicator will debut as an experimental feature with the intent to boost ChromeOS online security.
I found ChromiumOS code on Wednesday that will add the password strength indicator to ChromeOS. The flag to enable it isn’t available on the ChromeOS 105 Dev Channel, which is what I’m running currently.
Once the code is pushed out, you can enable the flag at chrome://flags#password-strength-indicator.
Personally, I can’t believe that this feature doesn’t already exist to strengthen ChromeOS online security.
It’s fairly standard on most third-party password managers. I know because I looked at most of the major ones before moving my passwords away from Apple and Google on my devices.
If you’re not familiar with a password strength indicator, here’s an example from 1Password, which is the password manager I use. The indicator shows when creating a password and also when viewing your passwords.
First, there’s the big, red banner saying my password is weak. And there’s a password strength indicator under my credentials. Don’t worry, I’ve already updated it to a far stronger password. ????
The simple indicator provides a visual clue as to how weak or strong a password is. A stronger password would show a longer bar colored green in 1Password, or a green circle, as shown below from the 1Password Chrome extension.
I don’t know how Google will represent it to boost ChromeOS online security, but you get the idea.
Surely this effort to bolster ChromeOS online security is part of Google’s larger in-browser password overhaul.
ChromeOS 101 added the ability to save password notes, for example. All the way back in ChromeOS 79, Google added a password checkup feature that alerts you when stolen credentials appear elsewhere online. It compares your online account credentials against a database with more than 4 billion known cracked passwords. And I see work on other password-related features in the ChromiumOS codebase that I’ll be following up on in the future.
I still prefer not to store my credentials with a browser or device, but that’s just me. I know many Chromebook users stick with the simplicity of the password manager built-in to ChromeOS. So I see this as a positive, if not overdue, step for Google to help keep your online accounts a little more secure.
1 Comment
Chrome OS paying customers second to non paying Chrome users yet again. Poor very Poor.
I went to strong passwords then to non strong when 2 FA started because it seemed like password less important then. Bet loads other people thought the same.
2FA needs to be everywhere but better 2FA methods so not reliant on phone. USB security keys, Secuity cards with readers etc on top of phones.
People who do strong passwords and dont use a PW manager, just forget them and do forgot email link on websites. Some people write them down which effectively makes it a form of 2FA i.e something you have, so largely passwords are worthless even when strong, because people are weak.
Tech fails when it doesn’t account for people not caring. Chrome OS works because it’s tech says people don’t know about viruses and just doesn’t let any programs be installed. Tech that succeeds takes into account people being ignorant. Tech that fails assumes everyone is as informed / cares as much as the programmer. Essentially tech succeeds when the programmer assumes users are not godlike as them.