Android users will find Password Checkup as part of the "Autofill with Google" feature This saves time when filling out online forms with stored data and allows Google to tell you when you need to update your login information
This new iteration of the password checking feature takes the passwords you have stored in Android's own password manager and checks them against a database of publicly known data breaches If your password has been leaked online, you will receive a warning that you need to change it
Google also makes it clear that you can trust them to keep your password secure during this process Your information is never shared in plain text, and all that comes out of your phone is a partially encrypted hash [Because the first two bytes of that hash are not encrypted, the leak database can use it and send back a list of leaks that share the same two-byte prefix Google then checks your credentials against the known leaks and alerts you if there is a match
The last part of this process is done locally, so your passwords and other unencrypted information never leave your phone Of course, there is no way to access unencrypted information from the compromised database
Password Checkup has already been deployed to Android phones running Android 9 or higher, but Autofill must be turned on to actually use it
Go to Settings > System > Language and Input > Advanced > Autofill Service Click on the "Settings" gear icon next to Google and Android will guide you through all the setting actions
Next time you log into a service with a suspicious password, Google will warn you But that's all Google can do; it's completely up to you to change your password
If you use the same one for all your passwords, you need to remember to change them; Google can help you with that, but it is often better to use a stand-alone password manager Just remember to choose something unique for each of them
Comments