Google Offers Hassle-Free Way To Update Leaked Passwords

Google is making it easier to change passwords on an Android device after a security breach. It's automating much of the process through the Google Assistant feature.

It works with the saved passwords tool on Chrome, which can automatically fill in user names and password fields on websites. The passwords themselves are then stored securely in the user's Google account, which is one of the reasons it's so important to keep the Google password secure.

On both desktop and mobile devices, Chrome can already warn users if their saved login details for a particular site is known to have been compromised. This most commonly happens when a website's database of passwords is breached and successfully decrypted (or wasn't encrypted in the first place) and then made public.

Password Hassle

Such a breach creates a double risk: that hackers will be able to access the compromised account, and they will try the same login details on other sites hoping that the same password was re-used, which is often the case.

In most cases, somebody who gets the alert from Chrome will need to visit the site in question, find the page for their account details, and manually create a new password. Chrome should then offer to automatically update it in their list of saved passwords. This process can be particularly fiddly on a mobile device.

Fully Automated

The new feature aims to automate this as much as possible. It only works on some websites, but when it displays an alert, there will now be a "Change automatically" button. Pressing this takes users directly to the relevant page on the website for changing a password. (Source: androidpolice.com)

It will even suggest a new secure password, usually a completely random set of characters. Users can instead choose to type their preferred password.

As The Verge points out, this automated feature is already offered by many dedicated password managers. However, it could make a big difference to people who don't use such tools and instead rely on Google and Chrome. (Source: theverge.com)

What's Your Opinion?

Have you noticed a compromised password warning from Chrome? Do you change passwords when you see such an alert or is it too much hassle? Do you trust Google to keep stored passwords secure?