Tom Insam

Authentication, Chrome, Passwords - Security is Hard

From Chrome’s insane password security strategy:

There are two sides to this. The developer’s side, and the user’s side. Both roles have vastly different opinions as to how the computer works. Any time I try to draw attention to this, I get the usual responses from technical people:
The computer is already insecure as soon as you have physical access

Yes. It is. And I totally agree that no non-technical person understands this, or should have to understand it.

We’ve also been repeatedly asked why we don’t just support a master password or something similar, even if we don’t believe it works. We’ve debated it over and over again, but the conclusion we always come to is that we don’t want to provide users with a false sense of security, and encourage risky behaviour. We want to be very clear that when you grant someone access to your OS user account, that they can get at everything. Because in effect, that’s really what they get.

Justin Schuh

But I believe that technical people are are fine with this not because they understand that physical machine access == “now it’s my computer” (they do, of course, that’s not the point), but because they have a much lower-level, visceral connection with their computer. it’s part of them. So of course it’s an extension of them from an authentication point of view. It’s their proxy to the universe. No-one touches my keyboard but me.

Of course, as a technical person, I know why it’s the way it is. Chrome has to type your passwords in for you. So it has to store them. The only long-term solution to this is to stop using passwords in favour of something better.