Closed Bug 1354498 Opened 7 years ago Closed 4 years ago

Enforce password differentiation at password change time

Categories

(Toolkit :: Password Manager, enhancement)

RESOLVED DUPLICATE of bug 1118553

People

(Reporter: tomer, Unassigned)

Details

The recent addition of the insecure password warning raises awareness of web security, and I guess that more websites will have to switch to HTTPS to make sure that the message won't appear to their users.

I suggest continuing these efforts, and if there are no more secure alternatives to passwords at this time, let's do our best to secure the users.

My idea requires two additional components that have to be developed. Together with the existing password autocomplete and Sync features it will make sure that users are more secure online.

a. Provide a strong password generation mechanism when registering to a new site or updating an existing password. This option should live on the password form itself and be triggered when there is no autocomplete suggestion for the website or when there are two password fields (password validation). Passwords should be anywhere between 10 and 30 characters long and strong enough.

b. When updating passwords for a website, provide a warning message if the same password exists for another website. At the cost of one SQL query per password update, we can eliminate password reuse for the users and make them more secure online.

If both features are implemented, the browser will provide more secure browsing to the users.

a. Less risk of password exposure after a password leak from a broken website. Since the user is not using the same password everywhere else, a password exposure from one website could limit the problem to that website only.

b. Since the passwords are too difficult to remember and difficult to write on paper, the user will depend more on the browser to provide the login details, which reduces the risk from phishing websites; the browser doesn't provide login details for f4ceb00k.com, so the user may pay more attention to the website address and won't log in right away.

An added value: since Sync can synchronize the passwords across devices, the user will find it easier to use the same browser on other devices.
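As an added example of the check proposed in (b), not code from this bug or from the Firefox password manager: it assumes the saved logins are already available decrypted in memory as {origin, username, password} objects (the store in the real product is encrypted on disk, so a plain SQL equality query over ciphertext would not find matches; decryption has to happen first). The names SAMPLE_LOGINS, findReusedOrigins and checkPasswordChange are made up for this illustration, and the sample store is constructed, not real credentials. The check compares the candidate password against every login saved for a different origin, so changing a site's password to one it already uses itself is not reported, and the warning is behind an opt-in flag.

```javascript
// Added example, not Firefox code. Assumes logins are decrypted in memory.
// Constructed sample store (not real credentials); "alice" reuses one
// passphrase on two unrelated sites.
const SAMPLE_LOGINS = [
  { origin: "https://example.com",      username: "alice",             password: "correct horse battery" },
  { origin: "https://shop.example.net", username: "alice",             password: "correct horse battery" },
  { origin: "https://mail.example.org", username: "alice@example.org", password: "Tr0ub4dor&3" },
  { origin: "https://example.com",      username: "alice-alt",         password: "another one" },
];

// Fixed-work comparison over UTF-16 code units so the loop does not stop at
// the first differing character. Length is compared up front; the stored
// passwords' lengths are not a secret from the local password manager itself.
function equalConstantTime(a, b) {
  if (a.length !== b.length) return false;
  let diff = 0;
  for (let i = 0; i < a.length; i++) diff |= a.charCodeAt(i) ^ b.charCodeAt(i);
  return diff === 0;
}

// Distinct origins other than `origin` whose saved password equals `candidate`.
// Same-origin logins are skipped: reuse within one site is a different question
// from reuse across sites, which is what a breach of one site exposes.
function findReusedOrigins(logins, origin, candidate) {
  const hits = new Set();
  for (const login of logins) {
    if (login.origin === origin) continue;
    if (equalConstantTime(login.password, candidate)) hits.add(login.origin);
  }
  return [...hits].sort();
}

// Decision wrapper for the password-change flow. `warnOnReuse` is the opt-in
// switch; when it is off the change is accepted without looking at other sites.
function checkPasswordChange(logins, origin, candidate, { warnOnReuse = true } = {}) {
  const reusedAt = warnOnReuse ? findReusedOrigins(logins, origin, candidate) : [];
  return {
    reused: reusedAt.length > 0,
    reusedAt,
    message: reusedAt.length > 0
      ? `This password is already saved for ${reusedAt.join(", ")}. Consider a different one.`
      : null,
  };
}

// Usage: alice changes her example.com password to the passphrase she also
// uses on shop.example.net, so the warning names that other site.
console.log(checkPasswordChange(SAMPLE_LOGINS, "https://example.com", "correct horse battery"));
```

One query per password change is the cost the report assumes; with the logins held in memory this is one linear pass, and the only thing that grows with the size of the store is that pass.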
(In reply to Tomer Cohen :tomer from comment #0)
> a. Provide a strong password generation mechanism when registering to a new
> site or updating an existing password. This option should live on the
> password form itself and be triggered when there is no autocomplete
> suggestion for the website or when there are two password fields (password
> validation). Passwords should be anywhere between 10 and 30 characters long
> and strong enough.

That's bug 376674 and in my mind is at the top of the list of things to do assuming our heuristics for filling are reliable e.g. after bug 1287202. We don't want to generate a strong password for a user and not have it be easily accessible upon future log in attempts.

> b. When updating passwords for a website, provide a warning message if the
> same password exists for another website. At the cost of one SQL query per
> password update, we can eliminate password reuse for the users and make
> them more secure online.

This will be a big change for most users and I think we would need to ease people into this by having it opt-in to start. Constantly scaring users may cause them to leave the product so it would need to be done with a lot of user testing/research.

> If both features are implemented, the browser will provide more secure
> browsing to the users.
>
> a. Less risk of password exposure after a password leak from a broken
> website. Since the user is not using the same password everywhere else, a
> password exposure from one website could limit the problem to that website
> only.
>
> b. Since the passwords are too difficult to remember and difficult to write
> on paper, the user will depend more on the browser to provide the login
> details, which reduces the risk from phishing websites; the browser doesn't
> provide login details for f4ceb00k.com, so the user may pay more attention
> to the website address and won't log in right away.
>
> An added value: since Sync can synchronize the passwords across devices, the
> user will find it easier to use the same browser on other devices.

I'm going to rename this bug to focus on the latter portion since the former portion is already tracked in bug 376674.
Summary: Enforce password differentiation and provide strong password generation → Enforce password differentiation at password change time
Status: NEW → RESOLVED
Closed: 4 years ago
Resolution: --- → DUPLICATE