Google has introduced a brand new characteristic in its Chrome browser that lets its built-in Password Supervisor routinely change a consumer’s password when it detects the credentials to be compromised.
“When Chrome detects a compromised password throughout register, Google Password Supervisor prompts the consumer with an possibility to repair it routinely,” Google’s Ashima Arora, Chirag Desai, and Eiji Kitamura mentioned. “On supported web sites, Chrome can generate a powerful alternative and replace the password for the consumer routinely.”
The characteristic builds upon Password Supervisor’s current capabilities to generate sturdy passwords throughout sign-up and flag credentials which have been detected in a data breach.
With the automated password change, Google mentioned the concept is to scale back friction and assist customers preserve their accounts safe with out having to seek for related account settings or abandon the method halfway.
Web site homeowners can assist this characteristic by adopting the next strategies –
- Use autocomplete=”current-password” and autocomplete=”new-password” to set off autofill and storage
- Arrange a redirect from <your-website-domain>/.well-known/change-password to the password change kind on their web site
“It will be a lot simpler if password managers may navigate the consumer on to the change-password URL,” Kitamura mentioned. “That is the place a widely known URL for altering passwords turns into helpful.”
“By reserving a widely known URL path that redirects the consumer to the change password web page, the web site can simply redirect customers to the proper place to vary their passwords.”
The event comes as corporations are more and more shifting to passkeys as a stronger various to guard accounts from potential takeover assaults. Earlier this month, Microsoft mentioned it is making passkeys the default methodology when signing up for brand spanking new buyer accounts.
