[spondyl]

That "Save this login" stuff in Chrome drives me up the wall. I understand you can disable it under Settings (and I do) but I see it on other people's computer too and I feel a bit of me die inside when they click "Save login" just to make it go away.

[srazzaque]

Completely agree. It's ironic that users who click "remember my password" are 10x more likely to forget their password.

The next step in this equation is even more frustrating - people who's default workflow to signing in is to click 'I forgot my password', and proceed through those steps to instil a new password. And then the cycle continues.

[wild_preference]

> It's ironic that users who click "remember my password" are 10x more likely to forget their password.

How is that ironic? People who can't remember their password would have the most reason to let an external apparatus save it for them.

[srazzaque]

People who can't remember their password often forget it due to having used that feature. Forcing yourself to type a password in over and over will pretty quickly encode it into muscle memory.

[bun_at_work]

This is a little ridiculous. Do you think there is no value in password managers? It's almost certainly better to have many complex passwords managed for you and only one strong password to protect them all, than to remember the same few passwords used across many accounts, decreasing the overall security of those accounts.

I understand healthy skepticism of Google, but essentially claiming password managers (which is what this feature is) are bad, for the sake of criticizing Google, is bad.

[srazzaque]

I think you've misunderstood me. I'm not criticising Google here. I just dislike any tool that encourages people to unintentionally forget passwords for the sake of "getting this annoying prompt out of my way". This can be a "remember me" on a website's own page, or a browser feature.

A good password manager is a great tool and more secure than a few simple memorable passwords. But when I use it, I'm making a conscious trade-off between memorable passwords and secure ones, but usually I'll at least need to memorise a master.

I'm fact just thinking about it - if Chrome's signin affinity is turned on, and I have chosen "remember me", AND I use the password manager, isn't that effectively equivalent to having your entire password manager with a "remember me"?