Skip to content

Security versus Convenience

August 7, 2013

Elliott Kember wrote the headline: “Chrome’s insane password security strategy

Kember points out the way Google Chrome manages saved passwords.

There’s no master password, no security, not even a prompt that “these passwords are visible”. Visit chrome://settings/passwords in Chrome if you don’t believe me.

Yes indeed. Unlike Mozilla Firefox, Google Chrome does not offer users to set Master Password. Apple added Passwords Manager in Safari 6; the passwords are actually stored in users’ Keychain.

Justin Schuh, who works on Google Chrome Security according to his Hacker News profile, says that it was a design decision to not include Master Password in Google Chrome.

For most users, there’s a certain level of inconvenience they are willing to tolerate when dealing with security. Unsurprisingly a lot of users are still using obvious passwords or none at all for their computer login. That’s because they prioritize convenience over security.

Security and convenience have an inverse relationship. It would look something like this:

Security-vs-Convenience-Linear

that is true if it is a linear relationship. In reality it looks more something like the following:

Security-vs-Convenience-Curved

It is more like a curve line. More convenience means less security.

The concern about the way Google Chrome manages passwords is valid. At the same time there is a bigger issue with security. Having a Master Password option would be useless if it is the same obvious password people are using for their computer login. Most users using Mozilla Firefox never set the Master Password at all.

Users need to understand why they need to secure their computers. Ultimately the users are the one to set the security level based on their convenience level.

No comments yet

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s