Google’s Chrome 79 will warn you if your password has been stolen – or will be
Google usually bundles more than a few new features with each iteration of its browser, and Chrome 79 should add some fairly substantial performance and security improvements, including alerts if your password has been stolen.
The additional features include phishing protections and tab freezing, which will try to mitigate Chrome’s voracious appetite for memory by limiting what actions a tab can take when not in use.
Monitoring passwords has typically been performed by sites like HaveIBeenPwned.com, which aggregates usernames and passwords from major data breaches and allows you to cross-check your own. Now Google will do this in real time, when you enter a password into a site within the browser. A popup will then recommend that you change them, wherever they’ve been used.
Likewise, Chrome will maintain a list of known phishing sites, or sites that actively try to entice you to reveal your password to your bank, social media, or other site. This feature will be on by default, which will warn you when Google thinks or knows that the site you’re trying to visit is going to try to phish your information. That’s significant, because Google is now matching its database of known phishing sites as well as trying to predict if an unknown site is actively phishing. Those warnings will be issued for your Google password as well as passwords that the Chrome browser stores.
Google is also beefing up Chrome’s performance, though the improvement is optional. In Chrome 79, tab freezing is an experiment, that works by basically tombstoning tabs that have been inactive for more than five minutes, which releases their CPU and memory resources for other tabs that need it. Again, it’s optional, but this will likely be turned on by default in future releases.
Chrome has also improved the way it represents multiple profiles, just in case you share your browser with someone else.
Finally, Chrome is cracking down on mixed content, which are elements on a page loaded via HTTP, and not HTTPS. If a video, for example, is being served via HTTP, it will be eventually blocked from playing.
IDG News Service