Skip to main content

Google Assistant can now auto-update breached passwords for more users

Google Assistant smart lights
Google Assistant (Image credit: Chris Wedel/Android Central)

What you need to know

  • Google Assistant's automatic password updater is now available to more users on Chrome for Android.
  • The feature allows Assistant to automatically change a password that Chrome has discovered to be compromised.
  • You can either let the digital assistant suggest a new password or manually enter your own.

You can already check the security of passwords saved to your Google account and see which credentials need to be updated when a breach occurs, thanks to Google Chrome version 88 (opens in new tab), which arrived early last year. Google is now supercharging that feature with a Google Assistant (opens in new tab) capability that updates your compromised passwords for you.

The password auto-updater was first announced by Google at its I/O event last year, but it has since only been made available to a small number of Android users. According to leaker Max Weinbach (opens in new tab), it is now rolling out to a broader group of Chrome users (via Android Police (opens in new tab)).

When you sign in to a website with a potentially compromised password, Assistant will now warn you about the risk and offer to update your password on your behalf. To take action, simply tap the blue button, and Google will redirect you to the specific website where your password needs to be updated.

You'll have the option to let Chrome’s built-in password manager generate a new password for you, which comes in handy if you want to save time setting up a secure replacement. Otherwise, you can always take over this process if you want to create something else.

That said, the password auto-updater is not available on all websites for the time being. Only a handful of sites are supported, and in cases where Assistant is unable to update your password, you'll be prompted to do so manually.

Some of the best password managers for Android (opens in new tab), such as Google's Password Manager, already monitor for compromised passwords stored in Chrome and alert you when one of your credentials is compromised. It also notifies you if your passwords are weak or have been used on multiple websites, and prompts you to change them with stronger ones. LastPass also offers this capability (opens in new tab). However, the process would normally require human intervention.

The new feature can complete as much of that process as possible. It relies on Google's web version of Duplex, which is designed to automate multiple steps, such as clicking and filling out online forms.

Unless one of your passwords has figured in a data breach, you are unlikely to encounter the new feature. You can only hope that this warning will never appear when you log in to a website. If it does, the voice assistant will now automate a process that would typically take much of your time.