Blog

Is Google Password Manager Safe?

Sep 4, 2024

•

Min Read

Protect Your Payments

Credential theft poses a serious threat to online privacy and security as it can lead to identity theft and financial loss. In response to this risk, many online users turn to password managers to protect their sensitive information. One such solution is Google Password Manager, a tool integrated into the Chrome browser. But is Google Password Manager safe?

This article will examine various aspects of this password manager to help you determine if it's the right tool for safeguarding your passwords and personal information. We'll also introduce virtual cards, which can be useful for protecting your financial details.

Disclaimer: The information in this review is valid as of July 2024. Google Password Manager's features may change with time. For up-to-date information, please visit the Google Chrome Help site.

How Secure Is Google Password Manager?

To determine whether Google Password Manager is secure, we'll examine six critical areas that may affect its overall security standing:

Encryption
Password autofill
Additional authentication
Password checkup and security alerts
Automatic password generation
Backup options

Encryption

Encryption is central to every password manager's security architecture. It ensures that only authorized parties with the encryption key can read the passwords. Google Password Manager uses two methods to encrypt passwords^[1]:

The standard password encryption encrypts passwords in transit, on their way to Google's storage, and while in storage. The encryption key is stored within the user's account, where Google can use it to decrypt passwords when needed.
On-device encryption lets users encrypt data using their Google password or screen lock. Google claims only the user can decrypt the passwords on their device, implying that it doesn't have access to the encryption keys.

On-device encryption is optional, but Google plans to apply it to all accounts eventually^[1]. The fewer people or systems that can access users' encryption keys, the more secure they are.

Google doesn't disclose the specific standards used for encrypting passwords, and it doesn't go into details about its security architecture regarding password management. Users who want a password manager that provides more information about how it secures passwords might opt for Keeper, LastPass, or 1Password.

Password Autofill

An illustration of a browser window showing a login interface with a masked password and sign-in button — *Source:* *geralt*

Google Password Manager has an autofill feature^[2], which lets Google's Chrome browser fill out users' stored credentials when logging into their website accounts. Besides being convenient, autofill also boosts security in several ways:

It provides protection against keyloggers, malicious software that captures information when users type it.
It helps prevent users from becoming victims of phishing attacks, where hackers mimic legitimate websites to steal users' information.
It eliminates the need for copying/pasting passwords, which potentially exposes passwords by leaving them in the clipboard where other apps can access them.

Additional Authentication

Password managers can enhance security by requiring an additional form of authentication before allowing users to access, manage, or use stored passwords.

While Google protects users' accounts with two-factor authentication (2FA)^[3], Google Password Manager also lets users set up biometric authentication when filling in passwords^[4]. Users have two options, depending on their device:

On PC, they can turn on authentication via Windows Hello.
On Mac, they can turn on authentication via TouchID.

Password Checkup and Security Alerts

Google Password Manager has a Password Checkup feature that monitors the safety of stored passwords^[5]. When users open the Checkup menu in the tool, it shows them three critical areas that might need intervention:

Weak passwords
Reused passwords
Passwords compromised in data breaches
‍

Google can also send alerts to notify users if their passwords are exposed in breaches^[5], helping maintain the overall security and integrity of users' credentials.

Automatic Password Generation

Google Password Manager offers automatic password generation^[6] to help users create complex passwords that are difficult for attackers to guess or crack. This feature makes it easier for users to create strong passwords and avoid reusing old ones.

Backup Options

Google Password Manager allows users to export passwords for backup purposes^[4], ensuring they have a copy of their credentials in case of data loss or if they choose to switch to another password manager.

This export feature provides flexibility but requires careful handling to avoid exposing sensitive information.

Can I Trust My Password Manager With All My Sensitive Data?

An illustration of a blue fingerprint on a dark background with binary code streaming and a login interface on the right-hand side — *Source:* *TBIT*

Using a password manager, even a browser-based one like those offered by Chrome, Firefox, Edge, Safari, or Opera, can help safeguard your credentials and promote good password hygiene. A reputable standalone password manager—Dashlane, NordPass, Proton Pass, or Bitwarden, among others—might offer even more security measures and features. This makes them a good choice for storing other sensitive information, such as payment card info.

While password managers can be secure enough to store your sensitive information, the protection only extends until the information is shared. As soon as you enter your card details at checkout and make a payment, the security of your sensitive financial information depends on the merchant.

Virtual cards allow you to extend the protection of financial data beyond what a password manager can offer. They can act as a stand-in for your payment card details during online transactions, shielding them from potential thieves. With an independent card provider like Privacy, you get industry-grade security and control over who can charge your cards and how much.

A photo of a hand holding a gray credit card over a payment terminal — *Source:* *geralt*

Secure Your Online Payments With Privacy

Privacy is a BBB-accredited virtual card provider that helps enhance the security of your online transactions. By linking your debit card or bank account with Privacy, you can generate unique virtual card numbers with CVV and expiration dates. Your Privacy Cards can be used as regular payment cards for online transactions, and if a merchant's website is compromised, your actual financial details remain safe.

To help protect your accounts and funds, Privacy uses robust security methods such as:

Two-factor authentication (2FA), reducing the risk of unauthorized access to your account
Real-time notifications when your virtual cards are used, helping you spot unusual activity
Regular audits by reputable third-party organizations, ensuring all security measures are up-to-date and meet PCI and SOC 2 standards

Privacy Card Types and Features

A photo of an open laptop with a blank screen next to a closed wallet containing payment cards with a white background — *Source:* *Tumisu*

‍

Privacy provides three types of virtual cards:

Card Type	How It Works
Single-Use Cards	These cards close shortly after the first transaction, rendering them useless to potential hackers. They can be ideal for one-time purchases on less trusted sites.
Merchant-Locked Cards	They are "locked" to the first merchant they're used with and cannot be used anywhere else. These cards are perfect for your favorite merchants and subscription services like Disney Plus and AMC Plus.
Category-Locked Cards	These cards are "tied" to specific merchant categories, such as entertainment or groceries, allowing you to use them only with merchants who meet the criteria. They can be helpful for budgeting and planning expenses.

You can pause or close your Privacy Cards, and Privacy will stop all further charges. Privacy also lets you set spending limits on each card. Any charge above the limit is declined, providing an additional safeguard against excessive charges by sneaky merchants.

Convenience Features

To make your online transactions more convenient, Privacy offers the following features:

1Password integration—Seamlessly manage your virtual cards and passwords from 1Password's browser extension.
Privacy App—Use the mobile app, available on both iOS and Android platforms, to create and manage your virtual cards on the go.
Privacy Browser Extension—Install the browser extension, available for Firefox, Chrome, Edge, Safari, and Safari for iOS, to quickly generate virtual cards while shopping online.
Card Notes—Attach notes to your cards to help you remember when and where you'll use your Privacy Card next.
Shared Cards—Share virtual cards with friends and family members as a gift or to manage shared expenses.

How To Join Privacy

To join Privacy and secure your online transactions, follow four steps:

Create an account on the Privacy website
Verify your identity to protect your account
Connect your bank account or debit card to your Privacy account
Request and generate your first Privacy Card
‍

Depending on your needs, you can choose from the four plans Privacy offers:

Plan	Price	Features and Benefits
Personal	Free for domestic purchases	Up to 12 new virtual cards per month Merchant-Locked & Single-Use Cards All spending controls Privacy App Privacy Browser Extension
Plus	$5 per month	Everything in Personal Up to 24 new cards per month Category-Locked Cards Card Notes Shared Cards Priority support and Live Chat (Mon–Fri, 9 a.m.–5 p.m. ET)
Pro	$10 per month	Everything in Plus Up to 36 new cards per month No foreign transaction fees 1% cashback on eligible purchases up to $4,500 per month
Premium	$25 per month	Everything in Pro Up to 60 virtual cards per month

References

^[1]Google. https://support.google.com/accounts/answer/11350823, Sourced August 22, 2024

^[2]Google. https://support.google.com/accounts/answer/6208650, Sourced August 22, 2024

^[3]Google. https://support.google.com/accounts/answer/185839, Sourced August 22, 2024

^[4]Google. https://support.google.com/chrome/answer/95606, Sourced August 22, 2024

^[5]Google. https://support.google.com/accounts/answer/9457609, Sourced August 22, 2024

^[6]Google. https://support.google.com/chrome/answer/7570435, Sourced August 22, 2024

‍

Privacy — Seamless & Secure Online Card Payments

Checkout securely online by creating unique virtual card numbers for every purchase. Avoid data breaches, unwanted charges, and stolen credit card numbers.