A major leak of Google login credentials this week — most of which proved to be out of date, thankfully — has highlighted the need for password changes. But how do you do that?
In the wake of the leak, a number of online sites offered the facility to “check” if your account was amongst those compromised, but for the everyday consumer I’d argue those were a bad option, if only because you’ve no real way to verify either the authenticity of the check, leading to a false sense of security, or that the site itself might not be compromising in some way.
Google is quite adamant that the password dump contained mostly out of date information, but it’s not the worst idea in the world to regularly change your password in any case.
I’d advise using a password manager to keep track of changing passwords — I’m personally a big fan of 1Password, but other options such as Keepass are also very solid — but you still need to verify with Google your changed passsword.
Google runs through the steps needed at this link, but if you’re feeling paranoid, you can also just google “Change your Google Account password” and it’ll be the primary link in every instance.
From there you can access the change password dialog, and if you haven’t done so already, it would be a good idea to instigate other security measures such as two step verification on your account as well. Just remember that if you’re using multiple devices connected to Google — say, a PC and an Android phone — you’ll need to do a bit of jumping around to update your password details once they’ve been changed.
How Do I? covers the basics, because we’ve all got to start somewhere.