how Google checks if your password has been compromised
We tell you how to use Chrome to check the strength of your passwords and if any of the credentials stored in the Google browser have appeared in the data leaks in recent years.
The browser’s password store is the tool that most of us use to manage the tens or hundreds of access credentials to different websites, platforms, and services accumulated over the years.
It is not the best protection, and it has had significant security problems, but it is better than using the same password for everything and, above all, the most accessible. More, of course, than using a third-party password manager.
It is not that Google neglects the security of passwords in its browser, but as users prefer it, cybercriminals prefer it. Chrome offers beneficial advanced security features like using auto-generated solid passwords.
Still, it’s a pain to remember if you want to log in with another browser.
Another feature that Chrome added last year is checking the strength of passwords saved in the browser and see if they’ve ever been compromised.
For this final purpose, it compares the information stored with the databases of security websites such as Have I been pwned? that collect the regularly occurring leaks on platforms and services.
To access this feature, you must follow these steps:
- Open Google Chrome with an active Google account in the browser.
- Click or tap on the three vertical dots icon in the top right corner.
- Select Settings from the menu that appears.
- On your computer, click AutoFill in the left menu, then Passwords.
- In the Chrome app, tap Passwords.
- Select Check Passwords.
Every time you enter this section, Chrome will verify all the stored passwords and inform you of compromised and unsafe ones.
If there is a positive result, the browser urges you to change the password in the first case and suggests doing it in the second. By clicking on the Change password button, Chrome redirects you to the corresponding service page to modify, advising you to use a password generated by Google.