One of the changes that Google is making is by helping users know when they might be logging into a website in which a password might have been compromised. “To check whether you have any compromised passwords, Chrome sends a copy of your usernames and passwords to Google using a special form of encryption. This lets Google check them against lists of credentials known to be compromised, but Google cannot derive your username or password from this encrypted copy.”
What happens is that when a password matches those stored in the database, instead of merely notifying the user, Google will then attempt to redirect users to the correct page in which they can then change their password. Due to the large number of database breaches we’ve seen, there’s a good chance that a login credential you’ve used was part of it.
There are websites that you can check to see if you’ve been compromised, but this change will make it easier for users who might not know otherwise.
Filed in Android, Apps, Chrome, Google, iOS and Security. Source: security.googleblog
. Read more about