A Google Assistant feature designed to automate the time-consuming process of changing your passwords after a breach appears to be getting a wider rollout. That’s according to a tweet from leaker Max Weinbach and a report from Android Police.
One of Weinbach’s screenshots shows a dialog box warning that Chrome on Android has detected that a used password appeared in a breach, and offers the option to “Change automatically.” The second includes a confirmation box, asking the user to agree to “Let Google Assistant help you change your password.”
Google Assistant being able to change breached passwords >>>>> pic.twitter.com/Dfcnvhs1S5— Max Weinbach (@MaxWinebach) May 3, 2022
The Google Assistant feature was announced back at Google I/O last year. It only works on supported sites, but where possible the idea is to automate as much of the password-changing process as possible. When triggered, Assistant will take you directly to the right page for changing your password, and use Chrome’s built-in password manager to generate, and then store, new login details.
Android Police notes that there’s also the option to manually check whether your passwords saved by Chrome have been compromised. The “Check passwords” option is available in the “Passwords” sub-menu in the browser’s settings. When a compromised password is found, a “Change password” button will appear, and it’ll feature a Google Assistant logo if there’s the option of automatically changing it.
The security feature is built on Google’s “Duplex on the Web” technology, which is designed to quickly carry out tasks like buying movie tickets, checking in to flights, or ordering food. It does this by automating the more routine parts of the process, like scrolling, clicking through multiple pages, and filling out forms. 9to5Google notes that the password automation appears to have been rolling out gradually since last November when “some users” were given access.
The ability to automatically change compromised passwords has been offered by password managers like LastPass and Dashlane in the past. But considering the amount of people that default to using whatever password manager is built into their browser, Google’s feature could end up having a much larger reach as it rolls out.
We’ve contacted Google to confirm the scope of the rollout.