Google is now testing the integration of its Password Checkup extension directly in desktop Chrome, without the need to download or install anything. As reported by the technology blog TechDows, the feature will do precisely what the title of its apparent originating extension implies. When a user has the feature activated, it will check their input passwords in the browser to see whether the associated credentials have been compromised.
More succinctly, the tool checks passwords against publicly available lists of credentials that have been leaked, especially where a given site is known to have suffered a breach. Google informs the user alongside suggestions for action to take via a pop-up if a leak is found.
The feature is being tied directly into the Chrome browser's password manager too. So if a user's password is appearing in those lists, the user will be able to readily navigate to a given site via the tool and use Google's password selection features to set up and save a stronger password.
Want to activate password checkup protections now?
For now, the only way to activate the password protection feature is through a Chrome hidden 'flag' setting in the Canary Channel. That also appears to be limited to desktop platforms for the time being. So users will need to be on Windows, Mac, or Linux to use the tool. Chrome OS will likely receive the feature with a full-fledged update but it should be available there as well.
Google hasn't given any hints about whether or not Android will see the feature too. But that isn't out of the question.
It's also not immediately clear whether or not users will need to allow access on a per-site basis. Google may make that an option since the similarly featured extension does allow for that in its current form. That does seem likely since Google continues facing scrutiny over how it protects its users and its own practices
Regardless, its placement in the desktop Chrome environment makes getting access to the feature straightforward. Users will first need to download the Canary version of the browser. Chrome Canary can be installed alongside the standard Stable edition on any of the above-mentioned operating systems.
Once installed, users must navigate to the "chrome://flags" URL and search for the "Password leak detection" experimental setting. Using the associated drop-down box, changing the selected option from "Default" to "Enabled," users can turn on the feature. After a restart, that will be fully enabled.
Building on a solid foundation of security improvements
This new use for Google's Chrome Password Checkup tool is the only change the company has made in Chrome over the past several updates in favor of better security. Those have been both in the foreground in user-facing features such as this and under-the-hood.
Arguably, that's in part because of fines the company has faced both at home and abroad. Several key legislators are looking to break up the tech giants in the U.S. too, setting aside ongoing government investigations. Regardless, the changes will make browsing in Chrome much more secure.
The new experimental feature is available in the Canary Channel of Chrome with version 77. So it should be rolled out by Chrome 77 or 78, pending the discovery of bugs or other hiccups. Those are scheduled for September 10 or October 22, respectively.