The technology giant wants password manager developers to work together to improve user experience and security
Apple has released a number of open source tools that password manager developers can use to create more secure passwords for their users. The project, referred to as Password Manager resources, primarily aims to solve the problem that password managers generated passwords often do not meet website requirements – a problem that people of all operating systems face.
"Every time a password manager generates a password that is incompatible with a website, a person not only has a bad experience but also a reason to be tempted to create their password," Apple said on his GitHub -Page.
Persons who give in to such a "temptation" may commit one of the main sins in creating passwords, e.g. For example, recycling your password across multiple accounts or opting for easy-to-remember passwords. These are generally less secure than random strings generated by special password management software.
The Cupertino technology giant expects the project to have three benefits:
By sharing resources, the quality of all password managers can be improved with less work than a single password manager would need to achieve the same result.
Public documentation of website-specific behaviors can encourage websites to use standards or emerging standards that improve their compatibility with password managers.
Improving the quality of password managers improves user confidence in them.
The list of tools includes password selection parameters used by popular websites – minimum and maximum password lengths, regardless of whether lowercase or uppercase letters, numbers, and even special characters are required. This allows password managers to generate passwords that are both secure and compatible with the websites.
Apple has also added a list of websites that use "the same credential backend," meaning that they share credentials. For example, a user can use the same credentials for different Amazon region-specific varieties, or a chain like Marriott International can allow them to use the same credentials for their subsidiaries.
The company also included a list of password-changing URLs that websites use to redirect users to change their password. "To drive the introduction of strong passwords, it is helpful to direct users directly to the password change pages on websites," added Apple.
5 common password mistakes you should avoid
People know that password reuse is risky – then do it anyway
Vulnerabilities in common password managers
Amer Owaida June 8, 2020 – 3:51 p.m.