Weak passwords can give hackers easy access to any of your online accounts. Password managers can tell if a password is weak and will even suggest alternatives, but Google Chrome is going one step ahead.

Chrome Will Automatically Change Your Weak Passwords

Chrome’s password manager can already detect if you’re using a weak or compromised password for a website. Now, Google is launching a new feature called Automatic password change that’ll automatically prompt you during sign-in with an option to update your password to a stronger one on supported websites.

The feature was announced at Google I/O, giving developers time to update their apps and websites to support it when it launches later in 2025. Google’s announcement doesn’t mention a launch window. However, given the number of password-related features coming to Chrome, it can be a while before we see this in action.

How useful this feature ends up being completely depends on whether or not the hundreds of thousands of websites on the internet support it. I imagine it’ll take years before support for the feature extends beyond well-known services and social media websites, but it’s a good start regardless.

While the feature will save you from having to hunt through a website’s account settings to change your password, it’s unclear how you’ll be informed of the change. Parisa Tabriz, VP and GM of Chrome, told The Verge in a briefing ahead of Google I/O that Chrome won’t change a bad or compromised password without user consent. However, the feature demonstration video on Google’s announcement blog doesn’t show any authentication or verification prompts before updating passwords.

We also don’t know whether Chrome will automatically update all your passwords frequently, so they’re never outdated, or only make the change once to bring any weak or compromised passwords you might be using up to standard.

There are tools you can use to check if your password is compromised, but having this functionality built into the browser makes it accessible to a lot more users. You can also make your passwords more secure yourself, but having Chrome do it automatically saves a lot of hassle.

I find the idea of my browser automatically updating my passwords a bit too invasive, especially if done without authentication. However, changing passwords has become an increasingly difficult task, especially with websites now having rules about what characters should be included in your password. If implemented properly, the new feature can significantly improve the account security of millions of users, especially given Chrome’s massive user base.

Google Is Taking Password Management Seriously

Google has announced more password management features in addition to Automatic password change. Chrome is getting support for importing and exporting passkeys and passwords based on FIDO standards. This moves past the old method of exporting credentials as a file, which is then imported into another browser. The new process doesn’t require you to deal with any files.

Related

Is Google Password Manager Safe and Secure?

Google might ask you if you want it to store your login credentials, but can you trust Google’s own Password Manager? Is it safe to use?

There’s good news for developers, too. Google is extending its Credential Manager API to let developers request any type of credentials from its browser, making for a more secure login experience regardless of whether you’re using passwords, passkeys, or other login options for your service.

Passkey support in Chrome has been extended to iOS, letting you sync passkeys and log in securely on Android, Windows, macOS, ChromeOS, Linux, and finally iOS. You’ll also see automatic passkey creation, improvements to autofill, better credential sharing across apps and web, and more.