Is Google Password Manager Secure?

Quick Answer

Google password manager is generally considered safe to use. But to ensure that your passwords are as secure as possible, the passwords for all of your devices and the master password for all of your passwords should be strong.

A person types in their login and password on their laptop at the office.

If you use Google software, you may be asked if you'd like to use a Google-generated password when creating an account. A Google-generated password generally is a safe way to protect your online accounts and prevent your personal data from being swiped.

And Google-produced passwords can offer more safeguards than the easily guessed passwords people may generate on their own, such as "123456" or "abc123." The Google password manager might come up with a complex password like 2}Tz?B(_;UnzF"/V, and can even securely store it so it's easily accessible when needed.

What Is a Password Manager?

You don't have to depend on Google's password manager to randomly generate a password, however, as many alternatives are available. Many companies offer password managers that create and store unique, tough-to-guess passwords for your various online accounts. Think of a password manager like you would a safe where you securely store money or documents. When you use a password manager, the only password you need to remember is the master password that gives you access to all of your stored passwords.

Password managers rely on computer algorithms to produce passwords that combine uppercase letters, lowercase letters, numbers and symbols to create a password that humans and machines alike would have a hard time guessing.

How Does Google's Password Manager Work?

The free Google password manager can be used with Apple and Android mobile devices and with Google's Chrome web browser. It not only stores passwords but also keeps track of data such as usernames and payment methods. Google's password manager can be used on computers, Android devices, iPhones and iPads.

If you're relying on Google's password manager to generate passwords, the steps differ slightly depending on what type of device you're using. Here are the steps for auto-generating passwords via Google when you're using a computer:

  1. Open the Chrome browser on your computer.
  2. Make sure you're signed in to Chrome.
  3. Visit a website to sign up for an account.
  4. Click the password text box, which will show the message "Suggest strong password." If you don't see this option, right-click on the password text box, then click "Generate password."
  5. A preview of the password then will pop up. To confirm your acceptance of the password, click "Use suggested password."

Once you've completed those steps, the new auto-generated password is saved to your Google account.

Is It Safe to Use a Google-generated Password?

Google-generated passwords are generally considered safe. Google says Chrome encrypts passwords and usernames with a "secret key" that's unique to whatever device you're using. Then, a masked copy of the data is sent to Google. Because the encryption occurs before Google's computer servers receive the information, neither Google nor anyone else is able to learn your passwords or usernames, the company says.

Potential Drawbacks to Password Managers

Browser-based password managers like Google's can offer a strong layer of protection as long as the master password that protects all of the stored passwords is strong.

For extra protection, enable two-factor authentication, which helps the password manager protect the master password. Two-factor authentication adds a layer of security by requiring extra steps, such as entering a code sent to your phone or scanning your fingerprint, when you're logging in.

Keep in mind that Google-stored passwords are only as secure as the devices you're using. If your device has been corrupted by malware, there's a chance your master password (and by extension all of your passwords) could be pilfered. This risk is not unique to Google's password manager, however, as all password managers are vulnerable to this type of intrusion.

What Are the Pros and Cons of Using Google's Password Manager?

As with any technology, Google's password manager and other password managers come with pros and cons.

Pros:

  • You only need to remember only one password (the master password) rather than many online passwords.
  • Auto-generated passwords prevent users from repeatedly using the same passwords.
  • They provide more security than jotting down passwords on paper or keeping them in a spreadsheet or another document.
  • You can use the password manager across several devices.

Cons:

  • There's a risk of a hacker finding out the master password, which then opens the door to your other passwords.
  • You could forget the master password, which would at least temporarily shut you out of online accounts tied to that password.
  • You may have to pay a fee if you want to use a more sophisticated password manager.

Alternatives to Google's Password Manager

Google Password Manager isn't the only option for generating and storing passwords. Other popular password managers include:

  • 1Password
  • Bitwarden
  • Dashlane
  • Keeper
  • Lastpass
  • NordPass

When deciding on which password manager to use, consider its price tag; ability to generate long, unique passwords and protect your passwords; ease of use; availability on various devices; frequency of security updates; and reliance on standard encryption methods.