Closed Bug 1686071 Opened 11 months ago Closed 6 months ago

[meta] Use Apple's password rules data to improve password generation experience

Categories

(Toolkit :: Password Manager, enhancement, P2)

enhancement

Tracking

()

VERIFIED FIXED
91 Branch
Tracking Status
firefox86 --- wontfix
firefox91 --- verified

People

(Reporter: tgiles, Assigned: tgiles)

References

(Depends on 2 open bugs, Blocks 5 open bugs, )

Details

(Keywords: feature-testing-meta, Whiteboard: [passwords:generation])

Attachments

(6 files, 1 obsolete file)

Apple has open sourced some resources for password managers including data for password rules for particular websites. In order to improve the password manager experience for users, this data and the related parser will be implemented so that Firefox's password manager is able to generate site appropriate passwords.

Blocks: 376674
Severity: -- → N/A
Priority: -- → P2
Whiteboard: [passwords:generation]
Assignee: nobody → tgiles
Blocks: 1691664, 1691741
See Also: → 1694190
Depends on: 1694190
Depends on: 1704582
Status: NEW → ASSIGNED
Attachment #9219853 - Attachment description: Bug 1686071 - Add PasswordRulesManager module. r=sfoster,dimi → Bug 1686071 - Generate passwords based on rules and domain. r=sfoster,dimi
Attachment #9219854 - Attachment is obsolete: true
Blocks: 1714399

This patch adds two scalars to keep track of the number of passwords generated via custom rules and default rules when "signon.improvedPasswordRules.enabled" is true.
This way, we can see if there is actual use of this feature for future decisions.

Depends on D114113

Attachment #9225256 - Attachment description: Bug 1686071 - Add telemetry probe for number of default rules generated password versus non-default rules. r=dimi → Bug 1686071 - Add telemetry probe for number of passwords generated by custom rules versus default rules. r=dimi
Attached file data-request-review.md
Attachment #9225288 - Flags: data-review?(jhirsch)

Comment on attachment 9225288 [details]
data-request-review.md

Data Review Form (to be filled by Data Stewards)

Instructions: Data Stewards will review a request for data collection and endorse responses to each question. If the request does not provide answers to questions, reviewers give an r- and point to the questions that can’t be answered.

  1. Is there or will there be documentation that describes the schema for the ultimate data set in a public, complete, and accurate way?

Yes. This data set will be documented alongside other desktop telemetry data.

  1. Is there a control mechanism that allows the user to turn the data collection on and off? (Note, for data collection not needed for security purposes, Mozilla provides such a control mechanism) Provide details as to the control mechanism available.

Yes. Users can disable telemetry (easiest) or disable the signon.improvedPasswordRules.enabled pref.

  1. If the request is for permanent data collection, is there someone who will monitor the data over time?

Yes, tgiles.

  1. Using the category system of data types on the Mozilla wiki, what collection type of data do the requested measurements fall under?

Category 2, interaction data.

  1. Is the data collection request for default-on or default-off?

Default-on.

  1. Does the instrumentation include the addition of any new identifiers (whether anonymous or otherwise; e.g., username, random IDs, etc. See the appendix for more details)?

No.

  1. Is the data collection covered by the existing Firefox privacy notice?

Yes.

  1. Does the data collection use a third-party collection tool?

No.

Attachment #9225288 - Flags: data-review?(jhirsch) → data-review+
Pushed by tgiles@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/c939fa286658
Add 'improved password rules' pref. r=dimi
https://hg.mozilla.org/integration/autoland/rev/79da4ac1afde
Add PasswordRulesParser module. r=dimi
https://hg.mozilla.org/integration/autoland/rev/fdd660f156e9
Generate passwords based on rules and domain. r=dimi
https://hg.mozilla.org/integration/autoland/rev/efce1f6171b2
Add and fix tests due to new password generation feature. r=dimi
https://hg.mozilla.org/integration/autoland/rev/7f5394e45e8d
Add telemetry probe for number of passwords generated by custom rules versus default rules. r=dimi

Setting the QE verify flag since we want to make sure we aren't regressing other parts of password generation. However, we currently don't have data in our "password-rules" remote settings collection, so we won't generate any improved password currently. I am aware of this issue and will post back once we have data in this collection. Until then though, QA will not be able to verify this change.

Flags: qe-verify+
QA Contact: timea.babos
Regressions: 1715724
Depends on: 1716392

:tbabos, the data needed for this feature is now available in Firefox and so the feature is ready for verification!

Depends on: 1718209
Duplicate of this bug: 1583566
Summary: Use Apple's password rules data to improve password generation experience → [meta] Use Apple's password rules data to improve password generation experience

Marking this as verified-fixed given we already tested on Nightly 91.0a1 and one round on Beta 91.0bx as well. There were no issues or regressions caused by this implementation.

Status: RESOLVED → VERIFIED
Flags: qe-verify+
You need to log in before you can comment on or make changes to this bug.