Apple releases open source 'Password Manager Resources' project for developers
The idea of reading a password manager reading a website's password rules (which they are calling "quirks" apparently) is a great idea as the app would then know what the controlling parameters are (15 characters, must have an upper, a lower, and three special characters) when it auto-generates a password. Since I started using KeePassXC I've been shocked at how many websites -- especially financial institutions! -- don't allow you to use 64 character long passwords using multiple "special characters" (why would you make a password rule that says I can only use five select non-number, non-letter characters and only "one to three" of said characters?)...
I feel like this would be better as a Well-Known URI, for example /.well-known/password-manager.json with similar format to the repo – That way it's not up to Apple to decide what goes in the repository
I just wish Apple allowed better integration with third-party password managers.
I’ll say it. This is kind of a joke.
Not that it would be a joke if an individual developer released it, and built an active community who contributed, or if it was more than 100 websites long.
But the heavy publicity push seems a bit early. And, it feels like Apple’s announcement is little more than “hey guys, check out this POC repo!”.
It kinda feels like Apple doesn’t get OSS.
Direct link to Github: https://github.com/apple/password-manager-resources
Seems like a good idea, instead of every password manager trying to re-implement the same kind of edge cases. One day I hope we can just "muss change" password because sites follow a common theme like https://wicg.github.io/change-password-url/index.html - but maybe we have a better strategy than passwords until then.