Google is stepping up efforts to save millions of its users from bad passwords.

During its annual Google I/O conference, the US company confirmed plans to automatically replace weak or leaked passwords with a unique alternative.

When you're using Google Chrome and the browser detects that one of your saved passwords has been compromised in a data breach, the built-in Google Password Manager will prompt you with an option to fix it. With a single click, you can swap out the bad password for a stronger, alphanumeric alternative.

If that sounds like too much work, on supported websites, Google Chrome will be able to generate a strong replacement and update the password automatically, so you won't even need to lift a finger.

The Google Password Manager built into Chrome stores usernames, email addresses, and passwords so that it can autofill the details for you — saving you from the hassle of remembering every unique password. Google is already capable of flagging when it detects that you have an unsafe password associated with one of your accounts.

Chrome will warn whenever your password has been leaked online, and prompt you to switch to something new (and secure) with a single click

Parisa Tabriz, Vice President of Google Chrome, : "But if we tell you your password is weak, it’s really annoying to actually have to change your password.

"And we know that if something is annoying, people are not going to actually do it. So we see automatic password change as a win for safety, as well as usability. Overall, that’s a win-win for users."

When the new functionality rolls out later this year, Google Password Manager will display a "Change it for me" button, allowing you to replace the problematic password in seconds, with no disruption to your browsing experience.

If the website has been updated to support the feature, the same process happens behind-the-scenes, eliminating the multiple steps usually required to change the compromised passwords across different websites.

The is designed to generate and store unguessable passwords as well as passkeys in an encrypted vault. Available across all of your devices, including iPhone and Android, Windows and Mac computers, iPad and other tablets — it's designed to make logging in as simple as the tap of a button. Its built-in WatchTower feature warns about data breaches that impact you. 1Password is currently with no obligation to subscribe

With cybercrime rates on the rise and data breaches becoming increasingly common, maintaining a secure (and unique) password for every online account has become more critical than ever before.

Passwords remain "the world's most common authentication method" according to Google, yet they represent one of the weakest links in digital security. The problem is compounded by the fact that people tend to create weak, easily guessable passwords or reuse the same credentials across multiple accounts.

When hackers gain access to one compromised database, they can potentially unlock numerous other accounts using the same login details.

Google plans to roll-out the automated password change feature by the end of the year, though the company has not provided a specific launch window. "We're going to start with a subset of websites in 2025," Chrome Paul Kinlan confirmed, "and we're going to expand this to more websites in the future."

"When Chrome detects a password has been compromised, the user will get a suggestion to change it, and with permission, Chrome will automatically update the password on the site, behind the scenes,” says Paul Kinlan, lead for Chrome Developer Relations, .

This should go some way to eliminate the headache of keeping up with compromised and weak passwords across your subscription services, websites, and other online services. But it’ll take some time for Google to roll out the feature.

"We're going to start with a subset of websites in 2025,” Paul Kinlan added. "And we’re going to expand this to more websites in the future."

Website developers will need to add the necessary support code to enable automatic password changes. Without these updates to the underlying code, one-click password replacement won't be available.

Despite the automated nature of the feature, Google has emphasised that consent from Chrome users remains paramount in the password change process. Chrome VP Parisa Tabriz confirmed that "Chrome won't change a bad or compromised password without user consent."

"We're very much focused on keeping the user in control of changing their password," Tabriz added during a briefing ahead of the Google I/O event. This approach ensures that whilst the feature streamlines the password replacement process, you retain full authority over when and how your credentials are updated.