Google Updates Password Manager With New Security, Management Tools

pcmag.com:

Google shipped(Opens in a new window) a maintenance update of sorts Thursday for its free password-manager service that adds some new security and management features.

The most important one, in terms of coaxing individual users to shape up their own security, is the addition of warnings about weak and reused passwords to the Android version of its Password Checkup tool(Opens in a new window). Previously, the tool only flagged passwords that had been seen in data-breach dumps, while the desktop-Chrome version of Password Checkup also nagged users about passwords that would be too easy to guess or had been used across multiple logins.

Google’s password manager, like others, provides these check-ups by encrypting and hashing your login credentials(Opens in a new window) before checking to see if those scrambled and anonymized details match breach-dump records hashed with the same algorithm–with the final check for compromised or weak passwords done on your device. 

Thursday’s update to the password manager service also adds the ability to generate strong passwords for iOS apps if you set Chrome as as your default autofill provider (in the Settings app, tap Passwords and then AutoFill Passwords). 

Google further touts its addition of “a simplified and unified management experience that's the same in Chrome and Android settings.” That might seem like a table-stakes detail until you remember such gigantic phone-versus-desktop feature gaps as Gmail’s continued absence of a tool to create or edit mail filters in its Android and iOS apps.

The market for password management, however, seems much more competitive than the market for email. Just in the last few weeks, LastPass shipped support for the FIDO Passkeys standard (already