If you aren’t using a password manager, you’re just asking to have your accounts compromised through credential stuffing attacks. If you use Chrome for your password manager, securing your accounts after a break will soon very a lot easier. As in, done in one tap.
A credential stuffing attack works on the premise that people reuse passwords. That shouldn’t be true, but alas, it is. So when your favorite service suffers a breach and your username and password combination gets stolen, hackers will try that information at another site to see if it works. That’s why you should use a different password for every account.
But even if you are using a password manager now, it’s a pain to go back and change all the accounts you previously set up with the same password. And you may not even know if you have a compromised old password in use. Google’s latest updates to Chrome aims to solve all those problems.
Right now, if you save your passwords to Chrome, it can perform a checkup of your account information. If it finds your details in known stolen databases, Chrome will let you know so you can change your passwords. That solves the knowledge problem, but the effort issue still exists.
With an update rolling out right now, Google says it solves the pain point of changing passwords. When your password check reveals compromised account info, you can tap a single button, “change password.” If it’s a support site, Google will navigate the site for you, find the area to change your password, and perform all the necessary steps to create a new randomly generated password for you. And of course, it’ll save that updated password to Chrome too.
The new change password feature uses Duplex under the hood to power its capabilities. Duplex originally started as an automated task to make reservations, reserve movie tickets, or call about business hours. Obviously, it’s grown a lot since then. But it doesn’t work with every site yet. Google says it plans to expand the number of sites it supports. But in the meantime, it can still help you generate random passwords.
Google says the new one-tap password change feature will roll out to Chrome today.