Chrome may deploy AI for detecting and replacing leaked passwords

The rise of data breaches has made password security increasingly critical for internet users, with browsers taking a more active role in protecting credentials. Google Chrome is developing a new feature that automatically helps users replace compromised passwords, building on its existing security capabilities.

Key development: Google Chrome is testing an “Automated Password Change” feature that will not only detect compromised passwords but also generate and implement secure replacements automatically.

• The feature, discovered in early Chrome builds, will trigger when users log into sites with passwords found in known data breaches
• Google’s Password Manager will encrypt and store the newly generated passwords
• The system builds upon Chrome’s existing capability to warn users about compromised passwords

Technical implementation: The new functionality is currently available for testing in Chrome’s experimental Canary version, requiring specific configuration steps.

• Users must enable two flags in Chrome’s settings: “Improved password change service” and “Mark all credential as leaked”
• The feature can be tested by attempting to log into non-Google websites with any credentials
• After a failed login attempt, the system prompts users to change their password

AI controversy: Despite Google marketing the feature as an “AI innovation,” questions remain about the actual role of artificial intelligence in the implementation.

• The core functionality relies on established password detection and generation techniques already common in password managers
• The system appears to use existing databases like Have I Been Pwned to identify compromised passwords
• The AI designation may represent a rebranding of existing smart algorithms rather than new artificial intelligence capabilities

Security implications: The automated approach represents a significant step forward in making password security more accessible and user-friendly.

• The system streamlines the process of replacing compromised passwords
• All generated passwords are encrypted and stored securely in Google’s Password Manager
• The feature encourages better password hygiene by removing friction from the password replacement process

Looking beyond the marketing: While the AI designation may be more marketing than technological innovation, the feature addresses a critical security need by making it easier for users to maintain strong, unique passwords across their online accounts. The true value lies in its practical utility rather than the underlying technology powering it.