(Note: We’ve updated this post to reflect that the API works by collecting 3.25 bytes of the hashed username)
With the proliferation of digital services in our lives, it’s more important than ever to make sure our online information remains safe and secure. Passwords are usually the first line of defense against hackers, and with the number of data breaches that could publicly expose those passwords, users must be vigilant about safeguarding their credentials.To make this easier, Chrome introduced the Password Checkup feature in 2019, which notifies you when one of the passwords you’ve saved in Chrome is exposed. We’re now bringing this functionality to your Android apps through Autofill with Google. Whenever you fill or save credentials into an app, we’ll check those credentials against a list of known compromised credentials and alert you if your password has been compromised. The prompt can also take you to your Password Manager page, where you can do a comprehensive review of your saved passwords. Password Checkup on Android apps is available on Android 9 and above, for users of Autofill with Google.
Follow the instructions below to enable Autofill with Google on your Android device:
- Open your phone’s Settings app
- Tap System > Languages & input > Advanced
- Tap Autofill service
- Tap Google to make sure the setting is enabled
If you can’t find these options, check out this page with details on how to get information from your device manufacturer.
How it works
User privacy is top of mind, especially when it comes to features that handle sensitive data such as passwords. Autofill with Google is built on the Android autofill framework which enforces strict privacy & security invariants that ensure that we have access to the user’s credentials only in the following two cases: 1) the user has already saved said credential to their Google account; 2) the user was offered to save a new credential by the Android OS and chose to save it to their account.
When the user interacts with a credential by either filling it into a form or saving it for the first time, we use the same privacy preserving API that powers the feature in Chrome to check if the credential is part of the list of known compromised passwords tracked by Google.
This implementation ensures that:
- Only an encrypted hash of the credential leaves the device (the first 3.25 bytes of the hashed username are sent unencrypted to partition the database)
- The server returns a list of encrypted hashes of known breached credentials that share the same prefix
- The actual determination of whether the credential has been breached happens locally on the user’s device
- The server (Google) does not have access to the unencrypted hash of the user’s password and the client (User) does not have access to the list of unencrypted hashes of potentially breached credentials
For more information on how this API is built under the hood, check out this blog from the Chrome team.
Additional security features
In addition to Password Checkup, Autofill with Google offers other features to help you keep your data secure:
- Password generation: With so many credentials to manage, it’s easy for users to recycle the same password across multiple accounts. With password generation, we’ll generate a unique, secure password for you and save it to your Google account so you don’t have to remember it at all. On Android, you can request password generation for an app by long pressing the password field and selecting “Autofill” in the pop-up menu.
- Biometric authentication: You can add an extra layer of protection on your device by requiring biometric authentication any time you autofill your credentials or payment information. Biometric authentication can be enabled inside of the Autofill with Google settings.
As always, stay tuned to the Google Security blog to keep up to date on the latest ways we’re improving security across our products.
No comments:
Post a Comment
You are welcome to contribute comments, but they should be relevant to the conversation. We reserve the right to remove off-topic remarks in the interest of keeping the conversation focused and engaging. Shameless self-promotion is well, shameless, and will get canned.
Note: Only a member of this blog may post a comment.