Google's Password Checkup plugin for Chrome can warn you if your password was stolen

It's another way of locking you into Chrome, but it's a decidedly useful one.

Credit: Google

As data breaches become normalized, it’s more and more likely that your personal information may be exposed. But how will you know? On Tuesday, Google published a Chrome plugin that will report if the login info you use in say, Yahoo, has been stolen.

Google’s Password Checkup plugin won’t do anything until it detects that you’ve logged into a site whose data has been previously compromised. If a login and password have been found in the recent “Collections” leak of more than 2 billion usernames and passwords, a message will pop up warning that your information has been compromised. All told, Google has archived over 4 billion credentials that it feels have been compromised.

Put another way, you can always manually check to see if your username and password has been leaked to the Web, using the Hasso Plattner Institute’s Identity Leak Checker, HaveIBeenPwned, or some other trusted database. Google is promising is to perform this process automatically via Chrome, each time you visit a site. 

If Chrome detects a credential has been stolen and published to the web, the Password Checkup popup will then ask you to change your password. (It’s not necessary, but it’s strongly advised.) Chrome already offers an automatic password generator, and will store that new password in a password credential file automatically, if you choose, and use it to log into a site automatically in future visits.

Cross Account Protection works with partner sites

Google also marked Safer Internet Day today by rolling out a related technology, known as Cross Account Protection, to provide another line of defense to those third-party apps that use your Google account to log in. This isn’t something that you can do anything about; Google said it’s working with the Internet Engineering Task Force (IETF) and OpenID Foundation, as well as major technology companies like Adobe, to secure accounts using Cross Account Protection behind the scenes.

Google Cross Account Protection Google

If Google knows of a hack where your Google account was compromised, it will quietly send information to those sites, letting them know that your account should be deemed suspicious for the time being. It’s apparently up to those sites to determine whether they wish to continue allowing access for your compromised account while the situation’s sorted out. Google said that it will share a minimum of information with those sites to protect your privacy.

What this means to you: At one point, Microsoft, Google, Mozilla and others wanted you to become accustomed to using their own particular browser. Now, the incentive is for you to feel like you need to use a browser like Chrome. With additional features like a password locker, password generator, and now breach detector, Google’s quietly building in value to convince you to stick with its browser rather than try alternatives.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.
Mark Hachman

Mark Hachman

PC World (US online)
Show Comments

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Tom Pope

Dynabook Portégé X30L-G

Ultimately this laptop has achieved everything I would hope for in a laptop for work, while fitting that into a form factor and weight that is remarkable.

Tom Sellers


This smart laptop was enjoyable to use and great to work on – creating content was super simple.

Lolita Wang


It really doesn’t get more “gaming laptop” than this.

Jack Jeffries


As the Maserati or BMW of laptops, it would fit perfectly in the hands of a professional needing firepower under the hood, sophistication and class on the surface, and gaming prowess (sports mode if you will) in between.

Taylor Carr


The MSI PS63 is an amazing laptop and I would definitely consider buying one in the future.

Christopher Low

Brother RJ-4230B

This small mobile printer is exactly what I need for invoicing and other jobs such as sending fellow tradesman details or step-by-step instructions that I can easily print off from my phone or the Web.

Featured Content

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?