Google Chrome adds a new feature that will make it easier for users to reset saved passwords that have been found to have been compromised.
As of 2018, Apple supports the /.well-known/change-password feature - the feature allows sites to specify the page used to reset or change the site passwords.
This feature has been used by Safari and iCloud Keychain to allow users to change compromised passwords quickly.
To use this feature, website developers create a /.well-known/change-password file or URL on their website, which will redirect the user to the password reset page.
Websites can redirect users to the right page using an .htaccess, mod_rewrite file, or even HTML.
Chrome 86 makes it easy to change passwords
In Chrome 86, Google plans to add support for the browser's "Check passwords" feature to check for any stored credentials.
"Websites can define a well-known password change URL using the" /. Well-known / change-password "format to allow users to quickly navigate the page and change their passwords. Chrome will use this URL to help users easily change weak / compromised passwords after massive password checks (Desktop, Android, iOS).
When Chrome detects that a password has been compromised, it displays the "Change password" button, as shown below.
When '/.well-known/change-password' is supported, pressing the change password button will automatically link to the '/.well-known/change-password' URL site, which automatically redirects you to the password reset page.
If the URL "/.well-known/change-password" does not exist for a site, the user will be redirected to the website home page.
This facility was created in the hope that most users will change their passwords. Using unique passwords on the sites you visit significantly increases safety you.
This feature will not work without site support, so it is recommended that all sites create a "/.well-known/change-password" URL.
For those who want to try this feature, you can install Chrome 86 Beta and perform the following steps:
- Paste chrome: // flags / # well-known-change-password in the address bar and press enter.
- When the "Support for .well-known / change-password" flag appears, set it to Enabled and restart your browser when prompted.
After restarting your browser, you can try this feature if you have broken passwords listed in chrome: // settings / passwords.