Abstract

Some web browsers include password-check features that indicate insecure credentials, e.g., credentials that may have been leaked to third parties. However, users may not change such credentials, potentially leaving their accounts vulnerable. This disclosure describes techniques to automate password change, such that users can stay safe online without having to undertake manual effort to change their passwords with websites or applications. Multiple entry points are offered to users to enable them to start the automated password-change flow. With user permission, the web browser navigates to a known password-change website; auto-generates a strong, new password; fills in a password-change form with current and new passwords; submits the form; and saves the new password to the user’s password management service. The techniques leverage multimodal end-to-end web agents that use a large language model (LLM) to navigate websites and verify the successful submission of information.

Creative Commons License

Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.

Share

COinS