If your password for a non-Google website has been exposed, the Password Checkup extension can help let you know. That way, you can change your password for at-risk accounts to help secure them.
Note: If we believe your Google Account password is unsafe, we’ll ask you to change it even if you don’t use the Password Checkup extension.
Get the Password Checkup extension
The Password Checkup extension works when you’re signed in to the Chrome browser on a computer.
- On your computer, open Chrome.
- Sign in to your Google Account.
- Go to the Chrome web store and download the Password Checkup extension.
- Follow the steps on your screen.
Turn the Password Checkup extension on or off
Note: Turning the Password Checkup extension off doesn't delete info stored by the extension.
- On your computer, open Chrome.
- Sign in to your Google Account.
- In the top right, click More More tools Extensions.
- In the list of extensions, find "Password Checkup extension."
- Turn Password Checkup on or off.
Use the Password Checkup extension
Change unsafe passwords to prevent account hacking
Note: To secure a Google Account that has suspicious activity or that you believe has been hacked, follow these steps.
- Sign in to the account with the unsafe password.
- Create a strong password for the account and any other accounts that use the same password.
- If the site offers another security measure, like 2-Step Verification, consider setting it up.
Ignore unsafe password notifications
It’s best to change an unsafe password. If you don’t want to change your password, you can ignore the notifications:
- To remove the current notification, click Close.
- To stop all future notifications, click Ignore for this site.
- To restart notifications for all unsafe passwords you’ve ignored, delete info stored by the Password Checkup extension.
Info the Password Checkup extension stores
The Password Checkup extension stores:
- The number of sign-ins that the extension scanned for unsafe passwords. To delete this info, clear your extension data.
- If the Password Checkup extension finds that a password and username you enter is unsafe, it stores a hashed, partial code for that info in your Chrome browser. This partial code can’t be used to recreate a complete version of your info. To delete this code on your Chrome browser, change your unsafe password or clear your extension data.
Important: The hashed, partial code is used to stop all future notifications about an unsafe password. If you delete this info, you might see notifications about unsafe passwords you chose to ignore.
Clear extension data
You can delete info stored by the Password Checkup extension.
- On your computer, open Chrome.
- Sign in to your Google Account.
- At the top, click Password Checkup extension Advanced settings Clear extension data.
Turn off anonymous reporting
Anonymous reporting shares info with Google to help improve the Password Checkup extension. This info includes the number of lookups that surface an unsafe credential, whether an alert leads to a password change, and the domain involved.
- On your computer, open Chrome.
- Sign in to your Google Account.
- At the top, click Password Checkup extension Advanced settings Opt out of anonymous reporting.
Send feedback
Let us know about your experience with the Password Checkup extension. When you share your feedback, you help Google improve this product for you and other people.
- On your computer, open Chrome.
- Sign in to your Google Account.
- At the top, click Password Checkup extension Send feedback.