Google announced the rollout of six new features today. It announced schedule send for Messages, dark mode for Google Maps, new features for Android Auto, and more. It also announced Password Checkup for smartphones running Android 9 and above. The feature will let you know if the password you used has been previously exposed and what to do about it.
The Google Password Checkup feature was introduced for Chrome last year. It notifies you when one of the passwords you’ve saved in Chrome is exposed. The functionality is now expanding to Android apps through Autofill with Google. Password Checkup on Android apps is available on Android 9 and above, for users of Autofill with Google.
Now, when you enter a password into an app on your phone using Autofill with Google, the company will check those credentials against a list of known compromised passwords — that is, passwords that have potentially already been stolen and posted on the web. If your credentials show up on one of these lists, Google will alert you and guide you to check your password and change it.
To enable Autofill with Google on your Android device:
- Open your phone’s Settings app
- Tap System > Languages & input > Advanced
- Tap Autofill service
- Tap Google to make sure the setting is enabled
This implementation ensures that only an encrypted hash of the credential leaves the device (the first two bytes of the hash are sent unencrypted to partition the database). It also ensures that the server returns a list of encrypted hashes of known breached credentials that share the same prefix.
You can also add an extra layer of protection on your device by requiring biometric authentication for your autofill credentials or payment information.