Google plans to roll out this feature in Chrome 86
Google Chrome 86 may allow users to quickly charge compromised passwords
Websites can set change-password URL format in Chrome 86
The support will be included in Chrome 86’s “Check passwords” feature
Google Chrome will soon roll out a way that will allow users to easily reset the passwords that have been compromised in data breaches. Apparently taking a cue from Apple, Google plans to introduce the new feature in Chrome 86 that will allow users to know and easily change their stored credentials, such as usernames and passwords, when they are reported compromised. Apple has reportedly been using this feature since 2018 in Safari Web browser and iCloud Keychain.
According to a post sent to the Blink-Dev (Blink is the browser engine used by Chromium project) mailing list, accessed by Bleeping Computer, Google plans to introduce a way for websites to declare the change password pages, that information will then be used to help users quickly navigate to change password pages to update their credentials in the case of a data breach. Apple had developed the specification for declaring a change password URL and Google plans to use the specification.
“Chrome will leverage this change password URL to help users easily change their weak / compromised passwords following a bulk password check (Desktop, Android, iOS). We want to ship this to 100% in M86,” wrote Ali Sarraf, a product manager at Google, in the Blink-dev mailing list.
In order to understand the functioning, we first need to understand Google Chrome's “Check passwords” feature. When the browser finds that a password has been compromised in a data breach, it displays a “Change password” button. If a website has defined change password URL, clicking on the “Change password” button will directly connect to the site's change password URL. If the support is not present, the user will be redirected to the site's homepage.
Sourabh Kulesh is a Chief Sub Editor at Gadgets 360. He has worked in a national daily newspaper, a news agency, a magazine and now writing technology news online. He has knowledge on a wide gamut of topics related to cybersecurity, enterprise and consumer technology. Write to firstname.lastname@example.org or get in touch on Twitter through his handle @KuleshSourabh.