In recent years, a large number of password databases have been stolen. Due to the bad practices of the use of passwords (that is, to the reuse of them on our part, and the use of insecure hashes on the part of the webs), our passwords, along with users and emails, have fallen into the hands of hackers. With them they can log in to any website where we are registered, access our email, and impersonate our identity. To avoid this, it is necessary to update all these passwords, taking advantage to use good security practices. And Google Chrome , now, makes it even easier for us.
For a long time, if we have our passwords synchronized with Google, the browser indicates all those that are exposed and pose a danger to our security. That Chrome shows us a warning in these passwords means that they have been found in one of the databases that circulate public on the Internet and that we must change it as soon as possible.
We can see this notice both in the list of saved passwords from Chrome , and when logging in to a website using an exposed password.
If we see a message like the previous one, we must check our passwords and change all those that are vulnerable as soon as possible. However, many users do not. Especially since going web to web, logging in and changing passwords is a most tedious task. Especially when we have hundreds of vulnerable passwords.
Luckily, this new Chrome feature will allow us to change our vulnerable passwords much more easily.
Changing passwords in Chrome will be a one-click thing
Since the last version of Google Chrome 86 (in beta), from now on when we check our passwords we will be able to see, as always, all those that are exposed and are a danger to our security. We can do it directly by typing in the address bar:
chrome://settings/passwords/check?start=true
As we can see, next to each vulnerable password a new button will appear called ” Change password “. Obviously, from its name we already know what this button will do. However, we detail its operation.
Web developers have long been urged to create a new URL, /.well-known/change-password , that allows users to directly access the password change section to reset their password. Obviously not all websites have it, but those that have implemented it will allow us to change the password directly for a secure one quickly. If a website does not have this technique implemented, then the home page of the page will open to be able to change it.
The objective of this function is that, by making it easier and faster to change the password, more users are encouraged to change them to protect their security. It is expected that, with the arrival of Chrome 86 to the stable branch , everyone can take advantage of this feature.
Activate the function
As it is still in the experimental phase, this new feature is disabled by default. If we want to use it we will have to activate it before. To do this, we just have to write the following in the address bar to go to the corresponding flag.
chrome://flags/#well-known-change-password
We mark this flag as “Enabled” and restart the browser. That new button should now appear, along with the vulnerable passwords, to be able to change them easily. If we want to disable it, we simply have to revert the previous change to disable this experimental Chrome function.
