Password protection has long been problematic as a method of securing personal data. Most of the time, the passwords people use are not particularly difficult to guess; common passwords include simple patterns, such as 12345 or qwerty. Passwords use single dictionary words, or dictionary words that include simple substitutions in spelling, such as p@ssw0rd or j0hnsm1th, are likewise easily cracked by software used by hackers. Such software is capable of cracking relatively strong passwords—for example, passwords that use 8-12 characters, numbers, and symbols—in minutes.
Google’s forthcoming solution to the problem in its Chrome browser has drawn criticism for failing to adequately address the problem. Google is currently testing a new browser feature that will generate passwords impossible for a human user to remember. The problem is that these passwords, despite appearing more sophisticated, will not be significantly harder for hackers to crack. And it presents an additional security risk: if you use Chrome on all your devices, such as a laptop or smartphone, the feature will allow anyone to use any one of those devices to access your accounts.
The full report can be found here.