It's no lie that Google are doing everything they can to improve security for internet users, with each update to the myriad of services that they offer, they find new and inventive ways to help keep people more secure in their day to day lives.
With Google Chrome holding the highest market share of users it's good to know that they’re doing everything they can to make life safer and more convenient for their users.
In Chrome's last major release version 69 on the 4th of September; two days after Chrome’s tenth birthday, Google rolled out some astetical changes to their most popular browser including softer edges around the tab and search functions, while also including some uniquely significant new features in relation to user stay, providing consumers more peace of mind while browsing the web.
Eliminating ‘Life Passwords’
In Version 69, Google paid particular attention to new password management and security features, Chrome will now prompt users to create more secure passwords for each website they visit, making it easier than ever for people to use unique and more secure passwords across the wide variety of different websites they visit. Chrome offers a ‘Remember this password’ feature, which, for the casual internet browser, offers an invaluable tool to allow them to maintain a greater number of individual passwords then they otherwise would be able to. Thus, Google have engineered their Chrome browser to aid in eliminating that ever prevalent “life password” issue that plagues the modern web, which in itself contributes greatly to security problems, creating a weak point that allows easier access for foul play and ultimately costs both multinational corporations, small businesses and individuals alike.
Computer Generated Passwords: Safe?
When a user is asked to change their password, Chrome will now offer to generate a secure password and store it for a more convenient user experience. While this helps prevent multiple user accounts being compromised if a single password is hacked or leaked, it also bypasses the human mind altogether to create a truly random password in each instance, providing vastly superior protection than that of the average human created sequence.
The tech giant themselves have been quoted as saying:
"We’ve also significantly improved the way Chrome handles passwords.”
"Staying secure on the web means using strong and unique passwords for every different site.” "When it’s time to create a new password, Chrome will now generate one for you (so you’re not using your puppy’s name for all of your passwords anymore). Chrome will save it, and next time you sign in, it’ll be there, on both your laptop and phone.” **
HTTPS v HTTP: What does it all mean?
All of this, comes after the release of Chrome’s Version 68 that marked non-HTTPS websites as “Not Secure”. For the uninitiated or less ‘tech savvy’, this update has to do with the need for SSL Certificates in website domains to heighten security for users. According to globalsign.com an SSL Certificate is ‘a small data files that digitally bind a cryptographic key to an organization's details. When installed on a web server, it activates the padlock and the https protocol and allows secure connections from a web server to a browser.’
Ensuring User Security
So while any website that does not have an associated SSL Cert will present as HTTP; HTTPS is the SSL secured version of HTTP, encrypting the data transferred between you, the user, and the website you’re using. The purpose of this safety feature is to help prevent malicious attackers from using exploits such as a Man-in-the-Middle(MitM) attack where an attacker ‘sits’ between the user and the website, relaying information back and forth and potentially injecting malicious scripts to gain high level access to your device. A notable example of this is Comcast, that used MitM to serve its own adverts to its customers.***
Though it was over five years ago, some of us may recall the infamous ‘session hijacking’ incidents that plagued Facebook’s platform before they enforced HTTPS as a standard. In this instance, this seemingly trivial exploit allowed potential attackers to merely listen to the network and relay the same unsecured information to facebook giving them unfettered access to your account as if they were you. To put this simply, HTTPS stopped a basic ‘copy and paste’ of your URL session, allowing anyone the same level of access that you had required your password to gain.
The Future of User Security
Thankfully these days, user security is a at the forefront of multi corporation's collective consciousness, and SSL is becoming the standard connection for all websites. While it may seem as though barely a week can go by without news of a fresh new data breach or flawed hardware/software that exposes millions of users to very real security hazards; it's nice to know that some companies are taking their responsibility to maintain user security seriously, and continue to work tirelessly to make the internet a safer and better place for all of the us to call it ‘home’ on a daily basis.
** https://www.blog.google/products/chrome/chromes-turning-10-heres-whats-new/*** https://thenextweb.com/insights/2017/12/11/comcast-continues-to-inject-its-own-code-into-websites-you-visit/