Got passwords? Of course. All of us have passwords. Too many passwords. Passwords from everything– iCloud to Dropbox, email to bank account logins, online retail stores to apps, plus iPhone, iPad, and Mac (and every other device we use to connect online).
Usernames and passwords are sufficiently ubiquitous among those of us online that we need password manager applications to manage them all. That still requires us to remember a password, but you get the idea, right. Passwords are everywhere and Google wants your passwords, too.
Wait. What? Doesn’t Google’s Chrome browser already do password management?
If you’re a person who hasn’t bothered with a password manager—though you probably should—you may be excited to hear that the updated Google Chrome 69 includes better password management, and even a password generator.
So, the world’s largest privacy offender has a new password manager? What could go wrong?
Google has offered a built-in password manager since around 2015, when it began offering to store passwords within the browser as part of its Smart Lock feature.
The very act of using Chrome as your browser of choice means you do not take security seriously, let along the built-in password management capabilities. In this sense, Chrome does what Safari and other browsers do. Recommend passwords, store the new passwords, and offer to log into a website using the new password.
Seems easy and worthwhile, right?
The more keys you store in Chrome’s lockbox, though, the more you’ll want to ensure that Chrome itself is totally secure.
Therein lies the rub. That master list of passwords that Chrome creates and you use can be stored on Google’s own passwords.google.com website which requires your own Google ID and password before it displays the master list of all your passwords.
See the problem?
Convenience trumps security because your Google account username and password likely are stored elsewhere, too; other browsers, password apps, Post-It Notes, and so on. All that’s required to get to all your usernames and passwords is to get your Google account information. For many of us, that information is scattered around, too. I have it on my Mac’s Keychain app and in Safari.
Too many devices, too many passwords, too many options and opportunities for security lapses.
What we need is Face ID for all of Apple’s devices, and have it tied into the appropriate password management apps. 1Password and others have it already. Use Face ID to open iPhone, use Face ID to unlock 1Password to log into a website.
Convenience, meet security. Macs need the same functionality so third party applications can tie into Apple’s Face ID convenience and security system.
Where is Face ID? For now, only on iPhone X. Soon, though, on iPhone XS, iPhone XS Max (or Plus; I like Max), new iPad Pro models, and– someday– the Mac.
You may like and use Chrome but there are better alternatives for privacy and security available these days, and most of the good ones already work with tough, secure, and convenient password managers like 1Password, LastPass, and others.
From my perspective and usage, anything with a Google logo on it is designed to separate you from your private information. Remember, Google is an advertising company. The technology it creates and uses is designed to gather information about you; playful logo and so-called password management notwithstanding.