Google Chrome Can Now Auto-Change Compromised Passwords Using Its Built-In Manager

Google Chrome Can Now Auto-Change Compromised Passwords Using Its Built-In Manager

Posted on By CWS

Might 21, 2025Ravie LakshmananData Breach / Account Safety
Google has introduced a brand new characteristic in its Chrome browser that lets its built-in Password Supervisor routinely change a consumer’s password when it detects the credentials to be compromised.
“When Chrome detects a compromised password throughout sign up, Google Password Supervisor prompts the consumer with an choice to repair it routinely,” Google’s Ashima Arora, Chirag Desai, and Eiji Kitamura mentioned. “On supported web sites, Chrome can generate a powerful alternative and replace the password for the consumer routinely.”
The characteristic builds upon Password Supervisor’s present capabilities to generate sturdy passwords throughout sign-up and flag credentials which were detected in a knowledge breach.
With the automated password change, Google mentioned the thought is to cut back friction and assist customers maintain their accounts safe with out having to seek for related account settings or abandon the method halfway.
Web site house owners can assist this characteristic by adopting the next strategies –

Use autocomplete=”current-password” and autocomplete=”new-password” to set off autofill and storage
Arrange a redirect from <your-website-domain>/.well-known/change-password to the password change type on their web site

“It might be a lot simpler if password managers might navigate the consumer on to the change-password URL,” Kitamura mentioned. “That is the place a well known URL for altering passwords turns into helpful.”

“By reserving a well known URL path that redirects the consumer to the change password web page, the web site can simply redirect customers to the suitable place to alter their passwords.”
The event comes as corporations are more and more shifting to passkeys as a stronger different to guard accounts from potential takeover assaults. Earlier this month, Microsoft mentioned it is making passkeys the default technique when signing up for brand spanking new buyer accounts.

Discovered this text attention-grabbing? Comply with us on Twitter  and LinkedIn to learn extra unique content material we put up.

The Hacker News Tags:, , , , , ,

Related Posts

SecAlerts Cuts Through the Noise with a Smarter, Faster Way to Track Vulnerabilities SecAlerts Cuts Through the Noise with a Smarter, Faster Way to Track Vulnerabilities The Hacker News
Hackers Deploy Linux Rootkits via Cisco SNMP Flaw in “Zero Disco’ Attacks Hackers Deploy Linux Rootkits via Cisco SNMP Flaw in “Zero Disco’ Attacks The Hacker News
SonicWall Fixes Actively Exploited CVE-2025-40602 in SMA 100 Appliances SonicWall Fixes Actively Exploited CVE-2025-40602 in SMA 100 Appliances The Hacker News
U.S. House Bans WhatsApp on Official Devices Over Security and Data Protection Issues U.S. House Bans WhatsApp on Official Devices Over Security and Data Protection Issues The Hacker News
LeakyLooker Flaws in Google Looker Studio Exposed LeakyLooker Flaws in Google Looker Studio Exposed The Hacker News
Coruna iOS Kit Revives 2023 Exploits in New Attacks Coruna iOS Kit Revives 2023 Exploits in New Attacks The Hacker News