Google’s New Android Update Will Have Password Checkup Feature

The New Password Checkup feature will warn Android users, if their passwords are compromised or exposed in any data breach.

With the latest update coming to the Android OS, users will be able use the “Password Checkup” feature. Although, this feature is already added Password checkup to the Google Chrome browser in 2019. So, you can check your weak or compromised password on passwords.google.com.

However, Google announced on 23rd of Feb 2021, about its Password Checkup feature on Android. This feature will now be available within “Autofill with Google” functionality under Chrome app. The Autofill is used to automatically fill the forms with the information stored.

“With the proliferation of digital services in our lives, it’s more important than ever to make sure our online information remains safe and secure,” wrote Arvind Kumar Sugumar, Software Engineer, Android Team in there blog post.

About Android’s Password Checkup Feature

The passwords are stored and managed within the Android Password manager. Google says, with this update users will be quick for the user to sign in to their apps using the Autofill mechanism.

Secondly, when a user will use this feature and enter any password to any app, then it will search within a huge database containing records of public data breaches, to check if your password has been compromised in any data breaches.

So, if the password is compromised, it will display a warning to the user prompting to change their password.

The company also says that the Autofill framework enforces “strict privacy as well as security invariants” that ensure the information is protected.

However, there are only two cases when this can happen:

  1. the user has already saved said credential to their Google account;
  2. the user was offered to save a new credential by the Android OS and chose to save it to their account.

Google explains to users that the password-checking mechanism will not expose their credentials online in plaintext.

How The Password CheckUp Mechanism will work

While the user fills any form using AutoFill mechanism, or allows the new one to save. Then it will use a password checkup feature while preserving the privacy API as one used by Google Chrome. It then checks for the passwords against the list of known compromised passwords or online data leaks.

With this new implementation, it will ensure:

  • Only an encrypted hash of the credential leaves the device (the first two bytes of the hash are sent unencrypted to partition the database)
  • The server returns a list of encrypted hashes of known breached credentials that share the same prefix
  • The actual determination of whether the credential has been breached happens locally on the user’s device
  • The server (Google) does not have access to the unencrypted hash of the user’s password and the client (User) does not have access to the list of unencrypted hashes of potentially breached credentials

When Can You Expect Android Password Checkup Feature

The great news is that the Password Checkup feature is now available for Android 9 and further versions.

To enable Password Checkup on Android, users need to first activate their Autofill with Google feature:

  1. Open your phone’s Settings app
  2. Tap System > Languages & input > Advanced
  3. Next, tap on the Autofill service
  4. Choose Google to enable the settings

So, this one is indeed a useful feature that will help enhance the user’s privacy.

Admin

Nupur is a tech writer at TechGeekSpace. She loves exploring latest tech, gadgets and have been writing on various topics related to technology, software, Gadgets, Windows, Mac, Internet, Android, and the latest tips and tricks.

Leave a Reply

Your email address will not be published.