The Chrome team says they’re not going to pursue Web Integrity but…
it is piloting a new Android WebView Media Integrity API that’s “narrowly scoped, and only targets WebViews embedded in apps.”
They say its because the team “heard your feedback.” I’m sure that’s true, and I can wildly speculate that all the current anti-trust attention was a factor too.
Problem is big sites you’re forced to use (banking sites, work HR systems, etc) would’ve made shitty decisions and required it to use their site. It would be like the old “you have to use IE 6” era
Banking site: We’ve implemented the Web Integrity API because security is important to us.
Also the banking site: Your password can only be six characters.
@ryper what? That’s bizarre. Is this a US thing??
I’m in Canada and I haven’t registered on a banking site recently, but I have definitely had stupidly low password length limits on banking sites in the past. The password from my old Bank of Montreal account that was last updated in 2015 is only 6 characters, and it’s only numbers and letters; I would have definitely had 1Password generate a better password if the rules had allowed it.
Interesting. I’m in New Zealand and my bank passwords are all proper length and characterset. They also have 2FA.
I always thought it was just the US that has an antiquated banking system.
Tangerine used to have 4-6 digit PIN (no password) to access your online-only account.
Not sure if they still do. I believe so, though.
Various state and federal accessibility laws would’ve made that a very questionable decision for a lot of industries. Given that it would cost money simply to get programmers to implement and might lead to more costs from legal challenges I suspect a lot of sites like banks and the like would’ve avoided it.
Now when it comes to basically any news site, entertainment service, social media, online store, or anything else that makes extra money on ads and harvesting user data? Oh yeah, they’d implement it in a heartbeat.