Google Chrome beefs up password protection on Android and iOS

Google is introducing a host of security features with the release of Chrome 86, including improved password protection for Android and iOS.

Similar to Google’s Password Checkup tool launched in 2019, Google Chrome‘s built-in password manager now acts as a vulnerability scout, alerting users if their login details are compromised on the sites they visit.

To do this, Google retrieves users’ saved username and password data via an encrypted transfer. The encrypted data is then compared to a list of known compromised combinations. Should a username/password pair flag as compromised, Chrome will also save users time by taking them directly to well-known change password pages.

Other security features debut with Chrome 86 too. Enhanced Safe Browsing — which ostensibly acts as a real-time online safety scanner — arrives on Android. It promises to guard users against phishing, malware, and dodgy websites by monitoring web traffic. While scanning websites for malicious traits, the feature will also check any initiated downloads, too.

Google also sees the use of HTTP content on HTTPS sites as a potential security risk for users. When browsing on these “mixed content” sites, Chrome will initiate warnings on desktop and Android if a non-secure form is present on an HTTPS page. This should further guard users against phishing attempts. The browser will also warn users if HTTP downloads are initiated on an HTTPS site. The feature can also be set to block all downloads in this manner, too.

Chrome users on Apple also get a platform-specific feature in this release. iOS users can now use Face ID, Touch ID, or passcode to switch on or lock Chrome’s built-in password manager.

Google confirms more security features will arrive on iOS and Android in the browser’s future release. This includes further Safety Check alerts and the use of Chrome as a password autofill agent on other iOS browsers.