Always enable the Chromium strong password generator

[adamreisnz]

Whatever happened to this issue?

https://github.com/brave/browser-laptop/issues/5037

It seems to have been closed, but I can't find any sign of the feature or any other issue here referencing it.

I really miss this feature from Chrome.

[tildelowengrimm]

If Chromium has this feature, then we should have it shortly. But we're not going to make substantial changes to the Chromium password manager right now.

[norsehealer]

I like Enpass, open source, and works on windows, android, and apple.

[alexandrestein]

I have on my Arch linux both, Chromium (from the repo) and Brave (downloaded from GitHub, the latest stable release: 0.65.121)

The underneath Chromium version is the same: 75.0.3770.100

But the option to generate password is present in Chromium but not in Brave.

How I understand the @tomlowenthal statement: if it is present in Chromium it will show up in Brave because it is based on it. But in this case it should be already the case. Isn't it?

Or it has been shutdown on purpose during the Brave translation?

I have to use openssl to generate strong passwords. Things could be a bit easier if this was implemented directly into the browser.

Please consider putting this in tier P4 instead of P5. :pray: :smile:

[tildelowengrimm]

I don't see a password generator in a released version of Chrome. Can you share a screenshot of the Chromium feature, @alexandrestein?

[adamreisnz]

[adamreisnz]

Another discrepancy between Chrome and Brave around password management that I've noticed is that Chrome automatically fills in the first matching username/password for you. Brave forces you to click on the input field first, and then select from the options, even if there's just one.

This is a minor annoyance, as it adds an often unnecessary step to each login process.

[adamreisnz]

@tomlowenthal do you need any further information about this feature? Have you been able to spot it in Chrome?

[tildelowengrimm]

@adamreisnz Thanks for all the info. The next thing for me will be to check out what's missing on our end. But it's not a high priority I'm afraid.

[jonathansampson]

@tomlowenthal Chrome surfaces this feature when Chrome Sync is enabled, and only then (from what I can tell).

[Zireael07]

Any news on this?

[cjwijtmans]

one year later... :)

[adamreisnz]

Yeah I moved back to Chrome ;)

On Tue, 18 Aug 2020, 21:28 Christ-Jan Wijtmans, notifications@github.com wrote:

one year later... :)

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/brave/brave-browser/issues/4901#issuecomment-675369850, or unsubscribe https://github.com/notifications/unsubscribe-auth/AADXYQV2MNN2WRUMGZPMM6TSBJCUTANCNFSM4HX7VYEA .

[srirambv]

+1 from @Axilot via #11774 for random password generator

[sujanchegu]

Firefox has one built-in too. Please make this a high-priority issue.

[alexandrestein]

As an alternative we should consider Bitwarden. It's a password manager which is:

• Open source
• Cross platform
• Multi browser
• Sync by cloud and can even be hosted if needed

No need to wait for the browser to support it. And you can move to any browser without hassle.

[Zireael07]

I had an issue where LastPass thought my master pass was wrong when it was obviously right (and it accepted it from another device after some fiddling with settings). That makes me leery of any password managers where you can't reset the master pass.

Also many people don't need a whole manager, they only need to generate a password once in a long while.

[secretgspot]

what's the status on that? does it really take 2 years to push a feature?

[jonathansampson]

@secretgspot If you enable Brave Sync (you don't have to connect any devices), you will find that Brave will automatically suggest passwords for sites as you browse the web and sign-up for services.

[zcraber]

+1

[cjwijtmans]

As an alternative we should consider Bitwarden. It's a password manager which is:

• Open source
• Cross platform
• Multi browser
• Sync by cloud and can even be hosted if needed

No need to wait for the browser to support it. And you can move to any browser without hassle.

sync by cloud meaning its hosted on the cloud or i can pick any cloud i want where it stores files encrypted? I am looking for the latter.

[alexandrestein]

You can run your own server if you want. Never done it but it's possible. https://bitwarden.com/help/hosting/

[cjwijtmans]

Have not found it in here. So i can't be bothered. 🤔 I have always wanted software that synced my data, browser data, todo list etc. via my own hosted git server or file "cloud" encrypted.

https://packages.gentoo.org/packages/search?q=bitwarden

[milanmarca]

Any update on this?

[cjwijtmans]

you need to have sync on for password suggestions i believe.

[curiousconfucius]

you need to have sync on for password suggestions i believe.

Thank you!.. This worked.

[fmarier]

As others have pointed out, it is actually possible to enable this in Brave, but all three of the following settings must be enabled:

1. Go to brave://settings/passwords and enable Offer to save passwords.
2. Go to brave://settings/braveSync and enable Sync (no need to add another device).
3. Go to brave://settings/braveSync/setup and enable Passwords under Sync data.

[fmarier]

So it does look like this is fully working, but it's unnecessarily gated on a bunch of prefs. We should remove that restriction and make it always available.

[GiantPluto]

I guess the reason behind having that gated under "Offer to save passwords" and "Password Sync" is to make sure the users doesn't lose the password. Since its an auto generated complex password, it would be almost impossible to remember that by heart for most of the people. Either they have to save it by themselves or allow brave's password manager to save it and best option would be to use "Offer to save password". Even saving that just offline would be a risk as there is a chance of losing the user data on OS account deletion, HDD failures, OS reinstall etc. So thats where "Password sync" would come as a savior.

[fmarier]

As @GiantPluto pointed out, the extra gating is a safety feature to prevent users forgetting the randomly-generated password. After discussing it with @diracdeltas, we've amended my original suggestiong in https://github.com/brave/brave-browser/issues/4901#issuecomment-864286867 and are now proposing the following:

require that saving passwords be enabled, but do not require Sync to be enabled

That way, we do have some amount of protection against forgotten passwords, but still expose that handy features to users who choose not to enable Sync (e.g. users with only one device).

Losing passwords is a hassle, but users can generally recover via an email reset link, so there's a reasonable solution for that case.

[curiousconfucius]

It make sense to require either "Offer to save password" and/or have sync enabled. The challenge I experienced as a regular user was to intuitively find these pre-requisites.

Ideally, by default the Suggest Password option is available when right clicking on a password field and then prompt the user to enable save password before using that feature.

Alternatively, have a "Suggest Password" toggle in the Passwords setting page and when enabled, prompt the user to enable the prerequisites.

[StijnBousard]

As others have pointed out, it is actually possible to enable this in Brave, but all three of the following settings must be enabled:

1. Go to brave://settings/passwords and enable Offer to save passwords.
2. Go to brave://settings/braveSync and enable Sync (no need to add another device).
3. Go to brave://settings/braveSync/setup and enable Passwords under Sync data.

I have these three settings enabled, but still no (strong) passwords are suggested. What else can be wrong?

[supersonic71]

Can confirm @StijnBousard what is describing. I have the same issue despite enabling all three. (Also why sync is required for this anyways?)

[supersonic71]

@StijnBousard I chose Sync everything for last step, it works now.

[migs35323]

I am missing on this feature, it was really useful on other browsers It doesn't make sense to force sync enabled to activate this feature, the other browsers don't make this obligatory, not sure if it's speculation or the reason is in fact "to protect the unwary users" from losing their passwords, this is just moving the problem, if someone looses all the passwords it's likely it loses the sync key as well... if something bad happens and passwords are lost, users can always recover them with the mail or other recovery options...

we have the option to export and import passwords... at least make it so we can enable it on the "brave://flags/" or some other "secret options menu" with a warning if user is comfortable to go there and enable it, it should be comfortable to manually backup the passwords or understand it can lose them...

[StijnBousard]

I already changed the sync settings, but even then, I noticed that most of the time, I had no password suggestions. I now discovered that when I disable Shields for those sites, the Suggest password... option appears. Even when I re-enable shields, the choice remains in the context menu. Sometimes I have to click another field in the form and return to the password field for the Suggest password... option to appear. It's not 100% clear to me why and when it appears/doesn't appear. Is it the shield, the repaint of the site, ...? It seems to me that it is some sort of timing question... I'll keep you all informed when it becomes clearer to me.

[arfanliaqat]

Please add this feature it is really useful. Like above others, i've sync, password settings turned on as described but never got any password suggestion.

[poisenbery]

So, 3 years later and....what is the progress on this?

[StijnBousard]

I'm still struggling with this issue as well. Instead of using the mouse, I've recently started using the keyboard to navigate from field to field and also for calling the context menu ('Menu key on a Windows keyboard or Shift+F10). That's my latest 'trick'. Even though the 'Suggest password...' still doesn't show up everywhere, I have the impression that by using the keyboard, it shows up in more cases than using the mouse... I'm still thinking it's some sort of a timing matter...

[54mu3l]

Any news on this?

This is probably one of the most important features to me (and not everyone want's a third-party-passwort-manager...)

[Wheemer]

Does anyone even care at all over here?

[poisenbery]

I don't have the "Suggest Strong Password" feature showing up ANYWHERE AT ALL.

How do I make it work in Brave??? It seems like some users have the functionality.

[poisenbery]

Sorry for not understanding this, but what does ad blocking have anything to do with it?

I can have all of the same addons enabled in Chrome and "Suggest Strong Password" shows up every single time I have a password field. I've actually NEVER seen it in Brave and I actually assumed it was just never implemented at all.

I know for a fact that they're password fields, because when I get frustrated and swap back to Chrome, the option to "Suggest Strong Password" shows up and works perfectly fine.

If I have to disable adblock in Brave to make it work, then it seems like there is no point in using Brave anymore.

On Wed, Sep 14, 2022 at 9:22 PM Brian Cullinan @.***> wrote:

It depends on the type of field, are you sure it is a password field?

If the password field isn't working properly the "deep state" is trying to get you to use social login, look for Google or Facebook sign in instead and turn of ab-blocking.

On Wed, Sep 14, 2022, 19:51 poisenbery @.***> wrote:

I don't have the "Suggest Strong Password" feature showing up ANYWHERE AT ALL.

How do I make it work in Brave??? It seems like some users have the functionality.

— Reply to this email directly, view it on GitHub < https://github.com/brave/brave-browser/issues/4901#issuecomment-1247515569 , or unsubscribe < https://github.com/notifications/unsubscribe-auth/A24QKTRHQ6FK6N6WEM3NFJDV6KFJLANCNFSM4HX7VYEA

. You are receiving this because you commented.Message ID: @.***>

— Reply to this email directly, view it on GitHub https://github.com/brave/brave-browser/issues/4901#issuecomment-1247563811, or unsubscribe https://github.com/notifications/unsubscribe-auth/ASWU22G7NT6B4C3LF4D2YD3V6KP6TANCNFSM4HX7VYEA . You are receiving this because you commented.Message ID: @.***>

[Wheemer]

If I have to disable adblock in Brave to make it work, then it seems like there is no point in using Brave anymore.

Just disable the social login blocker, switch browsers all you want, it still won't work.

Go troll somewhere else...

[Wheemer]

If I have to disable adblock in Brave to make it work, then it seems like there is no point in using Brave anymore.

Just disable the social login blocker, switch browsers all you want, it still won't work.

Go troll somewhere else...

That's funny, they asked for help and I'm the only one trying to find answers for you. What is a better explanation, corruption through ISP? Love connects us all, they'll find you anywhere in time.

Your replies are nonsensical, and sound like you do not even understand the issue at hand.

[Zireael07]

I smell a trolll

[poisenbery]

Use the report function on their profile. This might be a mental break down, as @briancullinan2 has some very disturbing and questionable material on his website. I've submitted a report for harassment and trolling and I encourage everyone here to do the same.

[fmarier]

Another option would be to turn this feature into a setting so that it can also be disabled for users of third-party password managers (https://github.com/brave/brave-browser/issues/30886).

[lukaslevert]

+1 to making it a setting.

Suggest automatically enabled, with an easy path to turn it off in brave://settings/passwords

[makipsee]

just switched to Brave from Chrome... this is one feature that i would like to have.... but over 4 years and still not implemented???

[StijnBousard]

Ever since I've been using the keyboard to navigate from field to field and also for calling the context menu ('Menu key on a Windows keyboard or Shift+F10), I'm no longer having troubles getting the password suggestion. It's the best workaround imho. Nevertheless, it still would be fine to get it solved in all use cases (using the mouse).