Google shipped a maintenance update of sorts Thursday for its free password-manager service that adds some new security and management features.
The most important one, in terms of coaxing individual users to shape up their own security, is the addition of warnings about weak and reused passwords to the Android version of its Password Checkup tool. Previously, the tool only flagged passwords that had been seen in data-breach dumps, while the desktop-Chrome version of Password Checkup also nagged users about passwords that would be too easy to guess or had been used across multiple logins.
Google’s password manager, like others, provides these check-ups by encrypting and hashing your login credentials before checking to see if those scrambled and anonymized details match breach-dump records hashed with the same algorithm–with the final check for compromised or weak passwords done on your device.
Thursday’s update to the password manager service also adds the ability to generate strong passwords for iOS apps if you set Chrome as as your default autofill provider (in the Settings app, tap Passwords and then AutoFill Passwords).
Google further touts its addition of “a simplified and unified management experience that's the same in Chrome and Android settings.” That might seem like a table-stakes detail until you remember such gigantic phone-versus-desktop feature gaps as Gmail’s continued absence of a tool to create or edit mail filters in its Android and iOS apps.
The market for password management, however, seems much more competitive than the market for email. Just in the last few weeks, LastPass shipped support for the FIDO Passkeys standard (already backed by Apple, Google and Microsoft) to ease logging into your account on a desktop, while 1Password added the ability to remember which “social login” you used as a “Sign in with” authentication for a site or service.