You can find out if passwords in your Google Account may have been exposed, are weak, or are used in multiple accounts. Then, you can change any unsafe passwords to keep your accounts more secure.
You can start Password Checkup. You can also access Password Checkup on Android, in Chrome, or through the web.
On Android:
- Open the Settings.
- Search for "Password Manager."
- Tap Password Manager Password Checkup.
In Chrome:
- At the top right, select Profile Passwords .
- If you can’t find the Passwords icon, at the top right, select More Passwords and autofill Google Password Manager.
- On the left, select Checkup.
On the web:
- Go to passwords.google.com.
- Select Go to Password Checkup Check passwords.
- You may need to sign in.
Tip: To automatically update the passwords in your Google Account, you can either:
- Turn on sync in Chrome.
- Sign in to Chrome and allow Chrome to use passwords from your Google Account when asked.
Secure your passwords
After your passwords have been checked for security issues, you’ll see 3 types of results.
Learn about compromised passwords
Important: We’ll ask you to change your Google Account password if it might be unsafe, even if you don’t use Password Checkup. To secure a Google Account that has suspicious activity, or has been hacked, follow these steps.
Compromised passwords and username combinations are unsafe because they’ve been published online. We recommend that you change any compromised passwords as soon as you can.
View data breaches we check
We check for password and username combinations exposed through a wide variety of data breaches, but the list of data breaches we check may be incomplete. Our list includes sources such as:
- 000webhost
- 17 Media
- 1.4B collection
- 7k7k
- Adobe
- Anti-public
- Badoo
- Bitly
- Collection 1-5
- Dropbox
- Exploit.in
- iMesh
- Imgur
- Last.fm
- Lifeboat
- Mate1
- Neopets
- NetEase
- Nexus Mods
- Pemiblanc
- R2Game
- Rambler
- Tianya
- Tumblr
- VK
- VN
- Yandex
- Youku
- Zoosk
Dismiss & restore warnings
To dismiss a warning, next to the compromised password, click More Dismiss warning.
Under “Dismissed warnings,” you can find and restore the warning.
To restore a dismissed warning, next to the warning, click More Restore warning.
Learn about reused passwords
If you use the same password for multiple accounts, you’re at greater risk of being hacked. We strongly recommend you use a unique password for every account.
Tip: Let Chrome create and save a strong password for your Google Account. Learn how to generate strong, unique passwords.
Learn about weak passwords
Passwords with obvious phrases, simple keyboard patterns, and single words can be easily guessed. We recommend you use strong passwords.
Why we might ask you to change passwords
To help you secure your accounts, Google can help notify you if we find any of your saved passwords have been compromised.
If you’re notified about an unsafe password:
- Go directly to Password Checkup to make sure the notification is authentic and change any unsafe passwords.
- Take a Security Checkup to help protect your Google Account.
Manage alerts for unsafe passwords
Google can notify you when we find any of your saved passwords online. You can turn these alerts on or off.
Google continues to check your passwords, even if alerts are turned off. If you turn this setting off, you might still receive alerts for up to 48 hours.
You can go to Google Password Manager settings or:
- Go to passwords.google.com.
- At the top right, select Settings .
- Turn Password alerts on or off.