How to Master Google Password Manager


We write about password managers a lot and for good reason. Anyone who uses the internet—whether from a PC, a phone, a tablet, or a combination of devices—needs one to track passwords, generate new secure ones, and make sure they don’t have any duplicate codes.

There are many names in the field that we recommend, but there’s a free manager you probably use almost every day without even realizing it—Google Password Manager. It’s built into the Google Chrome desktop browser, and is available on mobile for Apple and Android devices. Passwords synchronize across those browsers if you use the same Google account, and it’s easy to manage on the web at passwords.google.com.

To access it via Chrome on the desktop type in chrome://settings/passwords or go to the three-dot menu and select Passwords and autofill > Google Password Manager. While viewing it, click Settings > Add shortcut > Install to put a shortcut on the desktop.

Let’s dive into the basics.


Going Full Google

Google Password Manager isn’t like other password managers, which make it easy to access secure passwords anywhere, on any device and on any browser—it’s entirely Google-specific. But it can still work with other browsers, particularly on mobile devices.

Get started with it by using Google’s Chrome browser. Since almost half of internet users in the US use it across all devices—49% on the desktop, according to StatCounter—you’ve likely encountered Google Password Manager by now.

You need to be signed in with a Google account. Almost every time you enter a password (such as when you create an account on a shopping site) or change a password, Google Password Manager will pop up a dialog box asking you if you want to save or update that password. Click on the eye icon to view the password in the dialog box.

DIALOG BOX FOR UPDATE PW

(Credit: Google/PCMag)

If you choose to not save a password for a site, that service will be listed on your Google Password Manager settings page under “declined sites and apps.” If you change your mind, you must delete the entry for the declined site because Chrome’s not going to ask you to save it again. If you decline to save a new, updated password on a page where you previously saved a password, meanwhile, the earlier password remains stored.

After the password is saved, all you do when you’re asked to re-authenticate with the site is go to the sign-in page. Usually, both your username and password will be automatically entered for you. Even better, if you’ve saved multiple sets of credentials for a site—say, yours and your partner’s, since you both like to shop at the same place—you can choose them from a drop-down menu.

To keep track of such things, you can also now leave a note in Google Password Manager about credentials you save.


Use the Password Generator

Signing up for a new service or need to change your password? Don’t reuse an insecure code; Google Password Manager can generate an impossible-to-guess one for you.

Whenever you create a new password, you should be able to click in the field on the browser and get a drop-down menu that shows any previously used sign-ins plus the option for Suggest Strong Password. (This may not show up if you have another password manager extension running as an extension in Chrome.)

USE SUGGESTED PW

(Credit: Google)

Google will show you an option that’s a mix of numbers, letters, and punctuation that’s about 15 characters long (you can’t change the default length). Choose Use Suggested Password to select it. Keep clicking Suggest Strong Password for more options. The dialog box will remind you that Chrome (and thus, Google Password Manager) will save your selected passcode.

If you know you’ll only ever be accessing the site you’re on via Google Chrome, Google Password Manager’s suggested passwords are a good option. If it’s a site or service you’ll be accessing in many places—like, say, Amazon or Netflix—you may want one you can actually remember, making these complex suggested passwords less appealing.


Password Manager on Mobile

Accessing stored Google passwords using the Chrome browser on your phone or tablet is easy. When you’re using mobile Chrome and encounter a password field, look on the keyboard for a key icon, which will show a menu of stored passwords.

If you leave the password field blank and hit the key icon, the menu will also include Suggest Password, to give you another 15-character string for high security.

SUGGEST PW MOBILE

(Credit: Google)

The menu also will display the option to Use Other Password, which does what it says—it lets you pick a password for an unrelated site to use on the one you’re visiting. (That implies you’re using the same password in multiple places, which is bad.) Click on Manage Passwords to get a mobile version of the page at passwords.google.com.

You aren’t limited to using Google Password Manager in Chrome. On iOS, go to Settings > Passwords > Password Options > AutoFill Passwords and Passkeys, where you turn on autofill and pick the source that fills in the fields. Choices include Apple’s Keychain, whatever password manager app you have installed (like LastPass), or other browsers you have installed—including Chrome. If you pick Chrome, you’ll be using Google Password Manager on your phone, even in other apps. You can set multiple managers though, as the Password Manager utility could show you iCloud Keychain, Chrome, and LastPass options (as an example) all at once during a login.

On Android, Google supports the FIDO authentication login standard in the Chrome browser and other apps, so you can use your screen-unlock function (be it your face or fingerprint biometrics, a PIN, or a pattern) to push autofill with stored credentials in Google Password Manager.


Perform a Password Check

Google offers an advanced Security Checkup for your entire account. Within Google Password Manager you can do a more focused Password Checkup. It will list compromised passwords involved in known data breaches, weak passwords that should be upgraded, and the sites where you’ve used the same password more than once.

Google Pw Checkup

(Credit: Google)

You can see the importance indicated by the color coding.

If you’ve got compromised passwords, they’re probably floating out there on the dark web, waiting to be purchased—or they’re already in the hands of some bad actor. If that compromised password is also one of your reused passwords, a hacker will try it in multiple places. That means if your old MySpace password got snatched, and you’re currently using it on Amazon, you’ve paved the way for someone else’s spending spree.

You don’t have to act on any of the data presented in your Password Checkup, but you’ll enjoy better security if you do.


Edit, Delete, or Export Your Passwords

On the desktop, head to Google’s password settings page to edit or delete any sites you no longer use or want Google to store. You may have to enter your password to make changes.

Password Deletion

(Credit: Google)

You’ll get a warning when you delete a password that, if you do so, Google will no longer be able to help you sign on. But you knew that. Once you delete an entry, it vanishes across all your browsers/devices using Google Password Manager. You can delete it on the desktop and watch it disappear on the lists on mobile; it syncs that fast.

Recommended by Our Editors

If you want to export your password list from Google Password Manager, click the gear icon at the top of the passwords.google.com interface. Click Export and you’ll get a warning that “Your passwords will be visible to anyone who can access the file, including apps.” Enter your password again and you’ll get the option to save a file named “Google Passwords.csv” that’s suitable for reading in a spreadsheet or a text reader (it’s a text-based comma-separated value file).

On Android, you can go into the Chrome browser, select the three-dot menu, and go to Settings > Passwords to control things. If you click See, it displays the list from passwords.google.com, but you can also click the trashcan icon to delete them, or Edit Password to modify them. Tap the three dots again to find Export Passwords and you can save them to a CSV file locally or share the file with another app.

On iOS, you can go into the Chrome browser, use the three dots to go to Settings > Password Manager, and click any individual site/password combination you’d like to edit. Swipe left to delete it. Tap the Settings link at the bottom to find Export Passwords. It generates the same CSV document that you can then share to your Files, print, send to others, store on services like Dropbox, and more.

Why would you ever want to output your entire list of security credentials for all those websites? For backup, but also to share with someone you trust—there’s an Import option in Google Password Manager, as well. What a delightful way to co-mingle your browser life with a new loved one.

Import is also what you’ll need to do if you switch to a new browser like Firefox or Edge. You can also access passwords.google.com from those browsers for a quick lookup if you don’t have Google Password Manager encrypted (see below). Or import the file into another password manager like 1Password, Keeper, LastPass, or Dashlane (here’s how to make that switch).

Likewise, you can import CSV files from other password managers into Chrome Password Manager.


Create a Sync PassPhrase for Security

We’ve mentioned data breaches that could compromise your passwords. Google’s been subject to some itself. If it happens again, your logins for your Google account could be out there. It’s one reason why you should set up multi-factor authentication (MFA)—it’s an occasional extra step Google will require when you sign in, making you enter a temporary code that is texted to you or generated on an app. (Google may have already auto-enrolled your account into MFA.)

That doesn’t stop your data from being read in a breach.

Google has an extra feature built into Chrome and Google accounts called Sync Passphrase that fully encrypts all your stored data on its servers. Think of it as a master password you’ll need to access your regular passwords. That’s very much in keeping with what other password managers do already. Setting it up offers a lot more security, but it also may break a few things with how Google syncs your data now, such as your browser history and, for that matter, your unfettered access to view passwords in Google Password Manager. It even kills the Smart Lock option on Android devices. But all that inconvenience is the price for thorough security, right?

To turn Sync Passphrase on, open the Chrome browser and use the three-dot menu to go to Settings > You and Google > Sync and Google Services > Encryption Options. You’ll see that it says Google already encrypts synced passwords, but the next step with the Sync Passphrase turns on the server encryption across all sorts of stored data.

Google Password Encryption

(Credit: Google)

If you want to change your passphrase later, or stop using it altogether, you can do that and all the data is deleted from the Google servers. But it doesn’t delete the info from your local device, so it can again be synced with your account and other devices.

If Google has you worried about your privacy in general, read How to Manage Your Google Privacy Settings and How to Run a Security Checkup on Your Google Account.

Like What You’re Reading?

Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.

This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.



We will be happy to hear your thoughts

Leave a reply

Funtechnow
Logo
Compare items
  • Total (0)
Compare
0
Shopping cart