Google just released Chrome 67 for desktop, as spotted by ZDNet. This version of Chrome will allow password-free sign-ins for most websites, meaning you can avoid hunting through a password manager for specific credentials.
Password-free sign-ins come from the Web Authentication standard, which was launched in March by the FIDO Alliance and the W3C. It lets you sign in to any virtually any online service through unique credentials that you don’t have to memorize, such as fingerprint readers, USB keys like YubiKeys, etc. The standard is also meant to make it less likely a bad actor can obtain your most commonly used passwords by making it easier to give each service different login credentials.
Mozilla’s Firefox was the first to get the standard, while plans for Chrome and Microsoft Edge to adopt the standard later were hinted at.
Chrome 67 is also increasing its use of site isolation, keeping each browser tab separate so that a site can’t easily access data from other open tabs, which is a fix it initially rolled out to address Spectre-style attacks. Chrome will also be more compatible with VR through the Generic Sensor API, which is a standard used among fitness trackers and VR headsets, and it should pave the way for more integrations between desktop and gadgets to come.
On the Converge podcast, Google’s Mark Risher tells us why everything we know about passwords is wrong.