Password check: update compromised and weak password UI

* Update the PW check UI to show compromised and weak password counts the same way as safety check does with crrev.com/c/2547582. * Also moves the corresponding strings from the SC to the PW check. Translation screenshots: IDS_SETTINGS_COMPROMISED_PASSWORDS_COUNT_SHORT https://storage.cloud.google.com/chromium-translation-screenshots/57beb450355e12e0a3ca2c8c9a4ce2b41a892535 IDS_SETTINGS_WEAK_PASSWORDS_COUNT_SHORT https://storage.cloud.google.com/chromium-translation-screenshots/3530dd0582d65de57d6d71d472576ce8c41fd292 Bug: 1128904 Change-Id: Ic98ed21c020132e3e36221b441eec138b2e85d63 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2567779 Commit-Queue: Rainhard Findling <rainhard@chromium.org> Reviewed-by: Jan Wilken Dörrie <jdoerrie@chromium.org> Reviewed-by: Esmael Elmoslimany <aee@chromium.org> Cr-Commit-Position: refs/heads/master@{#834650}

Password check: update compromised and weak password UI
* Update the PW check UI to show compromised and weak password counts the same way as safety check does with crrev.com/c/2547582. * Also moves the corresponding strings from the SC to the PW check. Translation screenshots: IDS_SETTINGS_COMPROMISED_PASSWORDS_COUNT_SHORT https://storage.cloud.google.com/chromium-translation-screenshots/57beb450355e12e0a3ca2c8c9a4ce2b41a892535 IDS_SETTINGS_WEAK_PASSWORDS_COUNT_SHORT https://storage.cloud.google.com/chromium-translation-screenshots/3530dd0582d65de57d6d71d472576ce8c41fd292 Bug: 1128904 Change-Id: Ic98ed21c020132e3e36221b441eec138b2e85d63 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2567779 Commit-Queue: Rainhard Findling <rainhard@chromium.org> Reviewed-by: Jan Wilken Dörrie <jdoerrie@chromium.org> Reviewed-by: Esmael Elmoslimany <aee@chromium.org> Cr-Commit-Position: refs/heads/master@{#834650}
eedc3090 · Rainhard Findling · Chromium LUCI CQ · 4c36e404 · eedc3090 · eedc3090
Commit eedc3090 authored Dec 08, 2020 by Rainhard Findling Committed by Chromium LUCI CQ Dec 08, 2020
10 changed files
--- a/chrome/app/settings_strings.grdp
+++ b/chrome/app/settings_strings.grdp
@@ -358,11 +358,11 @@
      =1 {{COUNT} compromised password}
      other {{COUNT} compromised passwords}}
  </message>
-  <message name="IDS_SETTINGS_INSECURE_PASSWORDS_COUNT" desc="Number of insecure passwords present in the database">
+  <message name="IDS_SETTINGS_COMPROMISED_PASSWORDS_COUNT_SHORT" desc="This short text shows the amount of compromised passwords that the Chrome password check found.">
-    {COUNT, plural,
+    {NUM_COMPROMISED, plural,
-      =0 {No security issues found}
+      =0 {No compromised passwords}
-      =1 {Found {COUNT} security issue}
+      =1 {1 compromised password}
-      other {Found {COUNT} security issues}}
+      other {{NUM_COMPROMISED} compromised passwords}}
  </message>
  <message name="IDS_SETTINGS_WEAK_PASSWORDS_COUNT" desc="Number of weak passwords present in the database. Displayed when the user is signed out and no compromised passwords exist">
    {COUNT, plural,
@@ -370,6 +370,18 @@
      =1 {Found {COUNT} weak password}
      other {Found {COUNT} weak passwords}}
  </message>
+  <message name="IDS_SETTINGS_WEAK_PASSWORDS_COUNT_SHORT" desc="This short text shows the amount of weak passwords that the Chrome password check found.">
+    {NUM_WEAK, plural,
+      =0 {No weak passwords}
+      =1 {1 weak password}
+      other {{NUM_WEAK} weak passwords}}
+  </message>
+  <message name="IDS_SETTINGS_INSECURE_PASSWORDS_COUNT" desc="Number of insecure passwords present in the database">
+    {COUNT, plural,
+      =0 {No security issues found}
+      =1 {Found {COUNT} security issue}
+      other {Found {COUNT} security issues}}
+  </message>
  <message name="IDS_SETTINGS_CHECK_PASSWORDS_AGAIN" desc="Button to start bulk password check manually in passwords check section.">
    Check again
  </message>
@@ -1244,15 +1256,6 @@
  <message name="IDS_SETTINGS_SAFETY_CHECK_PASSWORDS_FEATURE_UNAVAILABLE" desc="Explains that the password check feature is not available in this version of the browser.">
    Password check is not available in Chromium
  </message>
-  <message name="IDS_SETTINGS_SAFETY_CHECK_PASSWORDS_SAFE" desc="This text explains that the Chrome password check did not find any insecure passwords.">
-    No security issues found
-  </message>
-  <message name="IDS_SETTINGS_SAFETY_CHECK_COMPROMISED_PASSWORDS" desc="This shows the amount of compromised passwords that the Chrome password check found.">
-    {NUM_COMPROMISED, plural, =0 {} =1 {1 compromised password} other {{NUM_COMPROMISED} compromised passwords}}
-  </message>
-  <message name="IDS_SETTINGS_SAFETY_CHECK_WEAK_PASSWORDS" desc="This shows the amount of weak passwords that the Chrome password check found.">
-    {NUM_WEAK, plural, =0 {} =1 {1 weak password} other {{NUM_WEAK} weak passwords}}
-  </message>
  <message name="IDS_SETTINGS_SAFETY_CHECK_PASSWORDS_BUTTON_ARIA_LABEL" desc="Accessibility text for the button that allows users to review their passwords.">
    Review passwords
  </message>

--- a/chrome/app/settings_strings_grdp/IDS_SETTINGS_COMPROMISED_PASSWORDS_COUNT_SHORT.png.sha1
+++ b/chrome/app/settings_strings_grdp/IDS_SETTINGS_COMPROMISED_PASSWORDS_COUNT_SHORT.png.sha1
+57beb450355e12e0a3ca2c8c9a4ce2b41a892535
\ No newline at end of file
--- a/chrome/app/settings_strings_grdp/IDS_SETTINGS_SAFETY_CHECK_COMPROMISED_PASSWORDS.png.sha1
+++ b/chrome/app/settings_strings_grdp/IDS_SETTINGS_SAFETY_CHECK_COMPROMISED_PASSWORDS.png.sha1
-48000c9b3b776cd72ef4b37861123533cef88cb7
\ No newline at end of file
--- a/chrome/app/settings_strings_grdp/IDS_SETTINGS_SAFETY_CHECK_PASSWORDS_SAFE.png.sha1
+++ b/chrome/app/settings_strings_grdp/IDS_SETTINGS_SAFETY_CHECK_PASSWORDS_SAFE.png.sha1
-9337b5cfa3bcef4342156a73d83cf37043f783e9
\ No newline at end of file
--- a/chrome/app/settings_strings_grdp/IDS_SETTINGS_SAFETY_CHECK_WEAK_PASSWORDS.png.sha1
+++ b/chrome/app/settings_strings_grdp/IDS_SETTINGS_SAFETY_CHECK_WEAK_PASSWORDS.png.sha1
-8d987688c08641fee35f117eddeaa63f9769a515
\ No newline at end of file
--- a/chrome/app/settings_strings_grdp/IDS_SETTINGS_WEAK_PASSWORDS_COUNT_SHORT.png.sha1
+++ b/chrome/app/settings_strings_grdp/IDS_SETTINGS_WEAK_PASSWORDS_COUNT_SHORT.png.sha1
+3530dd0582d65de57d6d71d472576ce8c41fd292
\ No newline at end of file
--- a/chrome/browser/resources/settings/autofill_page/password_check_behavior.js
+++ b/chrome/browser/resources/settings/autofill_page/password_check_behavior.js
@@ -146,6 +146,16 @@ export const PasswordCheckBehavior = {
    this.weakCredentialsListener_ = null;
  },
+  /**
+   * True if weak passwords are shown in SC, in which case the PW check UI
+   * adapts a bit to show the information in the same form as SC.
+   * @return {boolean}
+   * @private
+   */
+  safetyCheckWeakPasswordsEnabled_() {
+    return loadTimeData.getBoolean('safetyCheckWeakPasswordsEnabled');
+  },
  /**
   * Helper that fetches pluralized strings corresponding to the number of
   * compromised, weak and insecure credentials.
@@ -162,8 +172,28 @@ export const PasswordCheckBehavior = {
    proxy.getPluralString('weakPasswords', weak)
        .then(count => this.weakPasswordsCount = count);
-    proxy.getPluralString('insecurePasswords', compromised + weak)
+    (() => {
-        .then(count => this.insecurePasswordsCount = count);
+      if (!this.safetyCheckWeakPasswordsEnabled_()) {
+        // Old code path: adds up compromised and weak passwords.
+        return proxy.getPluralString('insecurePasswords', compromised + weak);
+      }
+      if (compromised > 0 && weak > 0) {
+        return proxy.getPluralStringTupleWithComma(
+            'safetyCheckPasswordsCompromised', compromised,
+            'safetyCheckPasswordsWeak', weak);
+      }
+      if (compromised > 0) {
+        // Only compromised and no weak passwords.
+        return proxy.getPluralString(
+            'safetyCheckPasswordsCompromised', compromised);
+      }
+      if (weak > 0) {
+        // Only weak and no compromised passwords.
+        return proxy.getPluralString('safetyCheckPasswordsWeak', weak);
+      }
+      // No security issues.
+      return proxy.getPluralString('compromisedPasswords', 0);
+    })().then(count => this.insecurePasswordsCount = count);
  },
  /**

--- a/chrome/browser/ui/webui/settings/safety_check_handler.cc
+++ b/chrome/browser/ui/webui/settings/safety_check_handler.cc
@@ -652,13 +652,8 @@ base::string16 SafetyCheckHandler::GetStringForPasswords(
                                        base::FormatNumber(total.value()));
    }
    case PasswordsStatus::kSafe:
-      // TODO(crbug.com/1128904): Clean up the old code path.
+      return l10n_util::GetPluralStringFUTF16(
-      if (!base::FeatureList::IsEnabled(features::kSafetyCheckWeakPasswords)) {
+          IDS_SETTINGS_COMPROMISED_PASSWORDS_COUNT, 0);
-        return l10n_util::GetPluralStringFUTF16(
-            IDS_SETTINGS_COMPROMISED_PASSWORDS_COUNT, 0);
-      }
-      return l10n_util::GetStringUTF16(
-          IDS_SETTINGS_SAFETY_CHECK_PASSWORDS_SAFE);
    case PasswordsStatus::kCompromisedExist:
      // TODO(crbug.com/1128904): Clean up the old code path.
      if (!base::FeatureList::IsEnabled(features::kSafetyCheckWeakPasswords)) {
@@ -668,22 +663,22 @@ base::string16 SafetyCheckHandler::GetStringForPasswords(
      if (weak.value() == 0) {
        // Only compromised passwords, no weak passwords.
        return l10n_util::GetPluralStringFUTF16(
-            IDS_SETTINGS_SAFETY_CHECK_COMPROMISED_PASSWORDS,
+            IDS_SETTINGS_COMPROMISED_PASSWORDS_COUNT_SHORT,
            compromised.value());
      } else {
        // Both compromised and weak passwords.
        return l10n_util::GetStringFUTF16(
            IDS_CONCAT_TWO_STRINGS_WITH_COMMA,
            l10n_util::GetPluralStringFUTF16(
-                IDS_SETTINGS_SAFETY_CHECK_COMPROMISED_PASSWORDS,
+                IDS_SETTINGS_COMPROMISED_PASSWORDS_COUNT_SHORT,
                compromised.value()),
            l10n_util::GetPluralStringFUTF16(
-                IDS_SETTINGS_SAFETY_CHECK_WEAK_PASSWORDS, weak.value()));
+                IDS_SETTINGS_WEAK_PASSWORDS_COUNT_SHORT, weak.value()));
      }
    case PasswordsStatus::kWeakPasswordsExist:
      // Only weak passwords.
      return l10n_util::GetPluralStringFUTF16(
-          IDS_SETTINGS_SAFETY_CHECK_WEAK_PASSWORDS, weak.value());
+          IDS_SETTINGS_WEAK_PASSWORDS_COUNT_SHORT, weak.value());
    case PasswordsStatus::kOffline:
      return l10n_util::GetStringUTF16(
          IDS_SETTINGS_CHECK_PASSWORDS_ERROR_OFFLINE);

--- a/chrome/browser/ui/webui/settings/safety_check_handler_unittest.cc
+++ b/chrome/browser/ui/webui/settings/safety_check_handler_unittest.cc
@@ -885,7 +885,7 @@ TEST_F(SafetyCheckHandlerTest, CheckPasswords_Safe) {
          kPasswords,
          static_cast<int>(SafetyCheckHandler::PasswordsStatus::kSafe));
  EXPECT_TRUE(event);
-  VerifyDisplayString(event, "No security issues found");
+  VerifyDisplayString(event, "No compromised passwords found");
  histogram_tester_.ExpectBucketCount(
      "Settings.SafetyCheck.PasswordsResult",
      SafetyCheckHandler::PasswordsStatus::kSafe, 1);

--- a/chrome/browser/ui/webui/settings/settings_ui.cc
+++ b/chrome/browser/ui/webui/settings/settings_ui.cc
@@ -317,6 +317,10 @@ SettingsUI::SettingsUI(content::WebUI* web_ui)
                                                  features::kNewProfilePicker));
 #endif  // !BUILDFLAG(IS_CHROMEOS_ASH)
+  html_source->AddBoolean(
+      "safetyCheckWeakPasswordsEnabled",
+      base::FeatureList::IsEnabled(features::kSafetyCheckWeakPasswords));
  AddSettingsPageUIHandler(std::make_unique<AboutHandler>(profile));
  AddSettingsPageUIHandler(std::make_unique<ResetSettingsHandler>(profile));
@@ -333,6 +337,11 @@ SettingsUI::SettingsUI(content::WebUI* web_ui)
  plural_string_handler->AddLocalizedString(
      "movePasswordsToAccount",
      IDS_SETTINGS_PASSWORD_MOVE_PASSWORDS_TO_ACCOUNT_COUNT);
+  plural_string_handler->AddLocalizedString(
+      "safetyCheckPasswordsCompromised",
+      IDS_SETTINGS_COMPROMISED_PASSWORDS_COUNT_SHORT);
+  plural_string_handler->AddLocalizedString(
+      "safetyCheckPasswordsWeak", IDS_SETTINGS_WEAK_PASSWORDS_COUNT_SHORT);
  web_ui->AddMessageHandler(std::move(plural_string_handler));
  // Add the metrics handler to write uma stats.