Chrome will auto-change your compromised password – if you want


A new feature in the Google Chrome browser allows its built-in Password Manager to automatically change a user’s password when it determines that the credentials have been compromised.

“When Chrome detects a compromised password during sign in, Google Password Manager prompts the user with an option to fix it automatically,” Google's Ashima Arora, Chirag Desai, and Eiji Kitamura – who all work on browser identity features – said.

“On supported websites, Chrome can generate a strong replacement and update the password for the user automatically.”

Google also says that its Password Manager is already able to assist users by generating strong passwords during sign-up and flagging credentials that have been detected in a data breach.

The tech giant is marketing this as an ability to fix compromised passwords in one click: “This reduces friction and helps users to keep their account secure, without hunting through account settings or abandoning the process partway.”

Website owners can support this feature by applying the following methods:

  • Use autocomplete="current-password" and autocomplete="new-password" to trigger autofill and storage;
  • Set up a redirect from /.well-known/change-password to the password change form on their website. When a vulnerable password is detected, password managers can navigate the user to the change password page.
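
A minimal sketch of both steps for a Node.js site, added here as an illustration and not taken from Google's documentation. The `/account/password` path, the form field names and the `CHANGE_PW_DEMO_PORT` variable are assumptions.

```javascript
// Assumed location of this site's real password-change form.
const CHANGE_PASSWORD_PATH = "/account/password";

// current-password lets the manager fill the stored secret;
// new-password tells it to offer a generated one and store it on submit.
const CHANGE_FORM = `<form method="post" action="${CHANGE_PASSWORD_PATH}">
  <input type="text" name="username" autocomplete="username">
  <input type="password" name="current" autocomplete="current-password">
  <input type="password" name="new" autocomplete="new-password">
  <button>Change password</button>
</form>`;

// Pure routing function: maps a request to a response description,
// so the behaviour can be checked without opening a socket.
function route(method, rawUrl) {
  const path = new URL(rawUrl, "http://localhost").pathname;
  if (path === "/.well-known/change-password") {
    // Fixed same-origin target. Query parameters are ignored on purpose:
    // building Location from request input would create an open redirect.
    return { status: 302, headers: { Location: CHANGE_PASSWORD_PATH }, body: "" };
  }
  if (path === CHANGE_PASSWORD_PATH && method === "GET") {
    const headers = {
      "Content-Type": "text/html; charset=utf-8",
      "Cache-Control": "no-store", // keep the credential form out of caches
    };
    return { status: 200, headers, body: CHANGE_FORM };
  }
  // Unknown paths get a real 404 rather than a catch-all 200 page, so a
  // client can tell whether the well-known URL is actually supported.
  return { status: 404, headers: { "Content-Type": "text/plain" }, body: "Not found" };
}

// Adapter with the (req, res) signature that Node's http.createServer expects.
function handler(req, res) {
  const r = route(req.method, req.url);
  res.writeHead(r.status, r.headers);
  res.end(r.body);
}

// Listens only when the (assumed) CHANGE_PW_DEMO_PORT variable is set.
if (process.env.CHANGE_PW_DEMO_PORT) {
  import("node:http").then(({ createServer }) =>
    createServer(handler).listen(Number(process.env.CHANGE_PW_DEMO_PORT)));
}
```
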

Kitamura, though, admits that passwords aren’t the best way to manage accounts. It’s no accident that companies such as Microsoft now say that users will be able to choose passwordless options – passkeys, for instance – when creating their account or logging in.

Still, according to Kitamura, “these technologies are still being developed and things won't change rapidly.” That’s why “many developers will still need to deal with passwords for at least the next few years.”

“While we wait for the emerging technologies and techniques to become commonplace, we can at least make passwords easier to use,” said Kitamura.

However, mindful that passkeys are growing in popularity, Chrome has also introduced an application programming interface that helps website owners create a passkey for their users automatically after a successful password sign-in.