If you like many people, someone probably bothered you to use a password manager and you still haven’t listened to the advice. Chrome and Edge are now coming to the rescue with enhanced password management built right into their browsers.
Microsoft announced on Thursday a new password generator for the newly launched Edge 88. People can use the generator when signing up for a new account or changing an existing password. The generator provides a drop-down menu in the password field. Clicking on the candidate selects him as a password and saves him in a password manager built into the browser. People can have the password sent to their other devices using Edge’s password sync feature.
As I explained years ago, the same things that make passwords easy to use and memorable are the same things that make them easy to guess by others. Password generators are among the most secure sources of strong passwords. Instead of having to think of a password that is really unique and difficult to guess, users can have a generator to do this correctly.
“Microsoft Edge offers a built-in strong password generator that you can use when signing up for a new account or changing an existing password,” wrote members of the Microsoft Edge team. “Just look for the password drop-down list suggested by the browser in the password field and, when selected, it will be automatically saved in the browser and synchronized between devices for easy future use.”
Edge 88 is also launching a feature called Password Monitor. As the name suggests, it monitors saved passwords to ensure that none of them are included in compiled lists of website compromises or phishing attacks. When turned on, the password monitor will alert users when a password matches the lists published online.
Verifying passwords securely is a difficult task. The browser must be able to verify a password against a large, ever-changing list, without sending confidential information to Microsoft or information that can be detected by someone who monitors the connection between the user and Microsoft. In a post also published on Thursday, Microsoft explained exactly how this is done.
Not to be outdone, members of the Google Chrome team this week revealed their own password protections. The main one is a password manager with more features built into the browser.
“Chrome can now ask you to update your saved passwords when you sign in to websites,” wrote the Chrome team members. “However, you may want to update multiple usernames and passwords easily, in one convenient location. That’s why starting with Chrome 88, you can manage all your passwords even more quickly and easily in Chrome settings on the desktop and iOS (the Chrome Android app will also receive this feature soon). “
Chrome 88 is also making it easier to check if any saved passwords ended up in password evictions. Although password auditing came to Chrome last year, the feature can now be accessed through a security check.
Many people are more comfortable using a dedicated password manager because it offers more features than those built into their browser. Most dedicated managers, for example, make it easy to use data words securely. With the line between browsers and password managers starting to blur, it’s probably only a matter of time before browsers offer more advanced management features.
This story originally appeared in Ars Technica.
More great stories from WIRED