undefined | Better HN

0 pointshunter2_1y ago0 comments

The way Google's password manager covers websites anywhere I'm logged into Chrome plus native Android apps anywhere I'm logged into Google Play is super convenient though (albeit total lock-in, I won't argue that). Some apps are even developed well enough that a password originally stored via Chrome will be suggested for the app, I guess by cross-referencing the origins in some mutual way. And payment card details will auto-fill pretty smoothly in a very similar way, as well.

It's fantastic, and for some reason I trust OS/browser developers to do this more safely than a company focused on password management that has to figure out OS APIs, write browser extensions, or rely on a clipboard that has nearly unbounded read access.

0 comments

cozzyd1y ago

Not sure people should take password advice from hunter2

smileysteve1y ago

The security positive of a browser integration is you eliminate the human part of url validation; effectively stopping phishing.

hunter2_OP1y ago

I love that. Unsolicited but quite possibly authentic email from my bank? No auto-fill means no-go, start over from a known URL. It would be funny if this behavior isn't a guarantee in certain adverse conditions.

lolinder1y ago

> anywhere I'm logged into Chrome plus native Android apps anywhere I'm logged into Google Play is super convenient though

Android's autofill framework is open to everyone to use, and every third-party password manager has a Chrome plugin. I use Bitwarden with exactly this experience, but across Firefox and Chrome and Android.

hunter2_OP1y ago

Interesting! If I used Firefox (et al.) more, and if my passwords stored by Google aren't available there but they would be if stored in Bitwarden, this new-to-me information just might lead me to switch. But I do still intuitively put more trust in Google to not make a mistake; I am ready to be convinced of the opposite, though.

watermelon01y ago

> Some apps are even developed well enough that a password originally stored via Chrome will be suggested for the app

At least on iOS, this works for any password manager.

j / k navigate · click thread line to collapse

0 comments

cozzyd1y ago

Not sure people should take password advice from hunter2

smileysteve1y ago

The security positive of a browser integration is you eliminate the human part of url validation; effectively stopping phishing.

hunter2_OP1y ago

lolinder1y ago

> anywhere I'm logged into Chrome plus native Android apps anywhere I'm logged into Google Play is super convenient though

hunter2_OP1y ago

watermelon01y ago

> Some apps are even developed well enough that a password originally stored via Chrome will be suggested for the app

At least on iOS, this works for any password manager.

j / k navigate · click thread line to collapse