Google Chrome now checks for weak passwords, helps fix them

Google has added a new feature to the Chrome web browser that will make it easier to check if their stored passwords are weak and easy to guess, exposing users to brute force attacks or password cracking attempts.

The new feature will be rolled out to Google Chrome users over the coming weeks after updating to version 88, promoted yesterday to the Stable channel.

This feature was introduced to Chrome Canary in December, hidden behind the experimental "Passwords weakness check" Chrome flag.

Checking for weak passwords

Google Chrome allows creating, storing, and filling your passwords with a mouse click while browsing the web using a built-in password manager.

After finding weak passwords, Chrome will allow you to change them using stronger ones that can be generated on the spot and stored for later use.

"We’ve all had moments where we’ve rushed to set up a new login, choosing a simple 'name-of-your-pet' password to get set up quickly," Chrome product manager Ali Sarraf said.

"However, weak passwords expose you to security risks and should be avoided. In Chrome 88, you can now complete a simple check to identify any weak passwords and take action easily."

Passwords weakness check
Passwords weakness check (Google)

To check your weak passwords using Chrome's password safety check, you have to go to Settings > Passwords > Check passwords > Check Now to perform a safety check of your passwords.

Once you click the button, Google will automatically start scanning your saved passwords and highlight the weaker ones. Next, you can click the "Review" button to change the saved password with a stronger one.

Compromised password alerts

Chrome also warns you if one of your stored passwords have been compromised in a data breach after logging in to sites.

A study conducted by Google found that 1.5% of all logins have been compromised in data breaches. The study also showed that roughly 26% of users who saw a data breach notification in their browser also changed their password.

"Chrome’s Safety Check is used 14 million times every week," Sarraf added. "As a result of Safety Check and other improvements launched in 2020, we’ve seen a 37% reduction in compromised credentials stored in Chrome."

Starting September 2020, with the release of Chrome 86, the web browser also helps reset stored passwords compromised in data breaches.

Related Articles:

Google fixes one more Chrome zero-day exploited at Pwn2Own

New Chrome feature aims to stop hackers from using stolen cookies

Google agrees to delete Chrome browsing data of 136 million users

Google fixes Chrome zero-days exploited at Pwn2Own 2024

Microsoft again bothers Chrome users with Bing popup ads in Windows