Apple engineer explains random passwords generated by Keychain: Let you remember it in a short time but not in the long term

Apple Password Manager (the original Apple Keychain) supports the generation of strong passwords, but compared to passwords generated by other password managers, the passwords generated by Apple Password Manager have significant characteristics. Take the password manager 1Password as an example: the random passwords generated by this software usually contain uppercase letters, lowercase letters, numbers and special symbols, such as this one: F:cQu+Fe!HZ-2@6FKcjY

The password generated by Apple's password manager is similar to this: hupvEw-fodne1-qabjyg Although it has special symbols, lowercase letters and numbers, it looks more like certain words.

In fact, these double musical characters are not composed of words. Of course, this is not conceived by Apple engineers. Instead, this type of two-syllable word password is deliberately generated based on a certain mechanism designed.

The implications behind this type of password design:

Apple engineers said that the core purpose of this type of password is to allow users to remember it in a short time but not in a long time. Why is there this strange design concept?

The reason is to enable users to type on certain keyboards with less-than-ideal layouts, such as on a game controller when selecting characters to enter via a remote control on the on-screen virtual keyboard. The user needs to glance at part of the password and then enter it.

The characters used in these passwords are all based on syllables, including consonants (Apple only selected 19 of them), vowels (Apple only selected 6 of them) and consonant patterns. Based on past experience, it is relatively more convenient to choose such passwords when inputting on non-standard keyboards.

Of course, the actual design also needs to consider password strength and website compatibility issues. For example, some websites only allow a few special characters, such as @! : etc. may not be supported, so Apple only chooses the hyphen - as the special character.

In addition, for security reasons, Apple has also reserved an offensive dictionary on the device. If a password generated by Apple's password manager encounters a field in the dictionary, the password will be immediately filtered out and a new password will be regenerated.

The final effect of the above design is that while ensuring security, the generated password allows users to glance at it and remember it in a short time, but it does not allow most users to remember it for a long time.