Google’s Password Checkup Tool, which cross-checks saved user passwords against a database of billions of publicly exposed passwords to ensure device security, is now available to Android users through an integration with Autofill with Google.
California-based search engine giant Google is rolling out its Password Checkup feature for mobile applications on the Android operating system. Password Checkup enables users to check if their passwords were compromised in prior data breaches. The feature is integrated with Autofill with Google for Android 9 (Pie) devices and higher versions of the operating system.
Rolled out in October 2019, Password Checkup was released as an extension for Google Chrome to help Internet users verify if the password they were using had, at any point in time, been publicly exposed. The handy little function later became a native Chrome feature. With the Android rollout, it will help billions of users check their passwords’ security and strength across PCs, Chromebooks, and mobile devices.
Besides scanning a database of over 4 billion compromised credentials to match passwords, Password Checkup also assesses saved logins and lets Android users know if their credentials are weak and need improvements. The feature’s integration with Autofill with Google ensures a streamlined and secure login process into Android apps.
“Now when you enter a password into an app on your phone using Autofill with Google, we’ll check those credentials against a list of known compromised passwords — that is, passwords that have potentially already been stolen and posted on the web,†Hideaki OshimaOpens a new window , Product Manager of Android, wrote in a blog postOpens a new window .
Source: Google
If an Android device user chooses a password that was compromised in a previous breach, they will be prompted to change the password and will also be migrated to the Password Manager page to review other credentials.
Password Checkup Assessment Process
Google also assured users of Password Checkup’s privacy-focused functionality by implementing “the same privacy preserving API that powers the feature in Chrome to check if the credential is part of the list of known compromised passwords tracked by Google.†The company explained that only an encrypted hash of the credential is sent for comparison with the breach database.
Based on the prefix of the sent hash, a list of encrypted hashes of known breached credentials is returned by the server, which the Password Checkup tool leverages to locally (i.e., on the mobile device itself) determine if the user password is compromised.
“The server (Google) does not have access to the unencrypted hash of the user’s password and the client (User) does not have access to the list of unencrypted hashes of potentially breached credentials,†explainedOpens a new window Arvind Kumar SugumarOpens a new window , Software Engineer, Android Team at Google.
Opens a new window
Source: Google
“This password checkup tool is crucial in its simplicity, and when integrated with a password manager that offers a password generator tool, users will get even better protection,†saidOpens a new window Jake MooreOpens a new window , Cyber Security Specialist at ESET.
Password generator and biometric authentication are a part of Autofill with Google. Android device users can activate the Password Checkup feature by going to Settings > System > Languages & Input > Advanced > Autofill and selecting ‘Google.’
What Else Is New in Android
Besides Password Checkup, Google is also rolling out the following features for the Android operating system:
Message scheduling: Allows users to send a text message at a specified time. Available for Android 7 (Nougat) and above in the Google Messages app.
TalkBack: TalkBack is a screen reader for Android that allows users to interact with the device with gestures and spoken feedback. Users need to download the Android Accessibility Suite for TalkBack.
Updated Google Assistant (GA): Allows users to command the GA for tasks, even when the device is locked.
Finally, in line with the trend in recent years, Google Maps now boasts a dark mode option.
Let us know if you liked this news on LinkedInOpens a new window , TwitterOpens a new window , or FacebookOpens a new window . We would love to hear from you!