Password Alert helps protect against phishing attacks.
If you enter your Gmail or Google for Work password into anywhere other than accounts.google.com, you’ll receive an alert, so you can change your password if needed.
Password Alert also tries to detect fake Google sign-in pages to alert you before you’ve typed in your password. To do so, Password Alert checks the HTML of each page you visit to see if it’s impersonating a Google sign-in page.
-- When will Password Alert take effect?
Password Alert will initialize itself the next time you enter your password into accounts.google.com.
-- Does Password Alert store my password or keystrokes?
No. Password Alert doesn’t store your password or keystrokes -- instead, it stores a secure thumbnail of your password, which it compares against a thumbnail of your most recent keystrokes within Chrome.
-- Where does Password Alert send data?
If you are using Password Alert in a Google Account, Password Alert does not send any data from your local computer. If your Google for Work administrator chooses to deploy Password Alert across your domain, the administrator will receive alerts when Password Alert triggers.
-- What are Password Alert limits?
-- Where can I find more details?
Visit the full FAQ at https://support.google.com/a/answer/6197508, or you can see the entire open-source codebase at https://github.com/google/password-catcher.