Google Chrome will now recommend pronounceable password hoices, according to developer and Chrome “happiness evangelist” Francois Beaufort, who announced the change via his Google+ page.
Google Chrome will now recommend pronounceable but strong password choices, according to developer and Chrome “happiness evangelist” Francois Beaufort, who announced the new version of Chrome’s built-in password generator via his Google+ page.
But the security-conscious need not be too concerned – by ‘pronounceable’, the search giant does not exactly mean, “Password1”.
Instead, the example given of a strong password which is also pronounceable is “masOotitaiv6”, which may be MORE pronounceable than the average password generated via an algorithm, but remains fairly secure, and not too easy to say out loud.
Strong password: Say it loud
The Register reports that the new feature is currently being tested in an early developer version of the Chrome browser.
“Give it a try and go to any “sign up” page. As soon as you focus the password field, a nice overlay will suggest you a strong and pronounceable password that will be saved in your chrome passwords,” Beaufort said.
Beautfort continues to say that: “Chromium uses a C library that provides an implementation of FIPS 181 Automated Password Generator.” FIPS 181 is a standard random password generator, used widely on websites, and designed by the NIST (National Institute of Standards and Technology.
The new strong password feature is available to some users running the Canary early “test” version of Chrome, Beaufort says.
As well as pronounceability, the new feature automates the process of auto-generating and saving passwords within Chrome more heavily.
Watch out, LastPass?
The Register comments, “The update is Google’s latest encroachment into the territory of online password management dominated by LastPass and 1Password, who could well feel threatened as Chrome builds in functionality they once offered as third-party value adds.”
A We Live Security guide to generating strong password can be found here, while veteran security writer and researcher Graham Cluley offers some thoughts on the worst pitfalls awaiting those who ignore password advice here.