Chrome may soon check saved passwords for weaknesses
Most web browsers come with options to save account information, usually username and password, when users sign-up for new services or sign-in to a service.
Google's Chrome web browser and other Chromium-based browsers are no exception to that. Google started to integrated a password checker in the company's Chrome browser back in 2019 to alert users about passwords founds in leaks. The company released a Password Checkup extension initially but decided to integrate the functionality into Chrome natively.
The upcoming release of Google Chrome 87 improves the functionality further if everything goes according to plan. Google has integrated options to check for weak passwords in the latest Chrome Canary version. Chrome Canary is the cutting edge development version of Google Chrome.
For now, it is necessary to enable the feature on Chrome's experimental flags page. Note that the new feature requires that you sign-in to a Google Account in Chrome as you won't be able to use it otherwise.
Here is how you enable the weak password check feature in Chrome:
- Make sure you run at least Chrome 87. You can check that by loading chrome://settings/help.
- Load chrome://flags/ in the web browser's address bar.
- Search for "passwords weakness check". You may also load chrome://flags/#passwords-weakness-check directly if you prefer that.
- Set the flag to Enabled.
- Restart the Chrome browser.
The feature is available in all desktop versions of Google Chrome but not on Android or iOS.
To run a check for weak passwords in Chrome, do the following:
- Load chrome://settings/passwords in the browser's address bar to open the Password settings and interface.
- Active the "check passwords" button in the interface.
Chrome checks all stored passwords and alerts you about compromised or weak passwords. The browser suggests to change compromised or weak passwords immediately.
Google does not reveal information about the algorithm that it uses to determine whether a password is weak. Chrome may also display alerts to the user when passwords are used actively and detected as weak, similarly to how Chrome warns users if compromised passwords are used in the web browser.
Users who store passwords in the web browser may soon be alerted about weak passwords next to compromised passwords; that is a good thing as it may help them improve password security. Downside to Google's implementation is the account requirement. Not everyone signs-in to the browser and many users don't want to; restricting the password checkup feature to signed-in accounts limits the useful functionality.
Now You: Password checks in browsers, yay or nay? What is your take on this?Advertisement