Google Letter Logo

Google has a tool designed to securely analyze your passwords against a database of ones that are known to be compromised and breached. Password Checkup is available as an extension or a web service. Here’s how to use it.

Check Your Passwords with the Extension

If you don’t use a third-party password manager or don’t use strong and secure passwords, the Password Checkup extension by Google helps you know if a password you use for non-Google websites has been exposed.

RELATED: How to Use Google Chrome to Generate Secure Passwords

Whenever you sign-in to an account, the extension checks the password against a database of known breaches—hashing both and comparing the results. If the password you use is among the list of known breaches, it alerts you and suggests you reset your password.

Fire up Chrome and head on over to the Chrome web store for the Password Checkup extension. Once there, click “Add To Chrome” to start the download.

Read the extension’s permissions and then click “Add Extension” to add it to your browser.

After the extension installs, the icon will appear in the toolbar or the Chrome menu. Clicking on it will show how many passwords were analyzed in the past week.

After the extension installs, whenever you enter a password online, it will analyze it against the database of compromised passwords.

Additionally, there’s a Chrome flag you can enable, which does essentially the same thing. The difference is that the entire process takes place in the background, only alerting you if it notices a breached password.

You can enable the flag by copying the following address and pasting it into Chrome’s Omnibox:

chrome://flags/#password-leak-detection

Choose “Enabled” from the dropdown box and then click the “Relaunch” to restart the browser.

Check All Your Stored Passwords with Password Checkup Online

If you use the Password Checkup extension but want to be able to check all the passwords you have saved in Chrome’s password manager, Google has a website dedicated to exactly that. Instead, use the same checkup tool to analyze all the passwords you’ve already entered and synced to your Google account at the same time.

RELATED: How to Manage Saved Passwords in Chrome

Fire up your browser, head on over to the Google Password Manager’s website, and then click the “Check Passwords” button.

If you use a passphrase to encrypt passwords in your Google account, you won’t be able to use this feature unless you remove the current passphrase.

If you use a passphrase to encrypt your Google account, you won't be able to continue without disabling the passphrase.

Next, click “Check Passwords” to get started.

To confirm it’s you, enter your Google account password and then click “Next” to continue.

After the check has completed, the page will display if it found any compromised, reused, or weak passwords below.

Provided none of your passwords are compromised, reused, or weak, you'll see all green checks.

If Password Checkup found any conflicts with your stored passwords, a warning will appear next to the area that needs addressing. Click on the down arrow next to the alert and then click on “Change Password” to be redirected to the account management page for that account.

After you change your account’s password, you’re good to go. If you use the same password for any other accounts that aren’t synced in your Google account, reset those passwords as well.

RELATED: Why You Shouldn't Use Your Web Browser's Password Manager

READ NEXT
Profile Photo for Brady Gavin Brady Gavin
Brady Gavin has been immersed in technology for 15 years and has written over 150 detailed tutorials and explainers. He's covered everything from Windows 10 registry hacks to Chrome browser tips. Brady has a diploma in Computer Science from Camosun College in Victoria, BC.  
Read Full Bio »