Google is bringing this once paid security feature to Gmail for free — and you can try it soon

Regardless of whether you’ve been hacked or not, your passwords and other credentials could be floating around the dark web. And that puts your accounts at risk of being taken over by hackers.

The reason for this is that after a company suffers a data breach, the account credentials of its users may be stolen as well. In fact, hackers have made millions selling stolen data on the dark web to other cybercriminals to use in their attacks.

Although AI and all of the new improvements to Google Bard were a major part of Google I/O 2023, the search giant also revealed that it is giving Gmail a major security upgrade to help warn users if their data has ended up on the dark web.

While dark web monitoring used to be limited to paid Google One users, Google has announced that the feature will be rolling out for free to all U.S. Gmail users in the coming weeks, according to a new blog post. Once available, the feature will provide all Gmail users with a dark web report that shows them if their email address is currently in the hands of hackers.

Besides getting a dark web report from Google, Gmail will also allow you to manually run scans to see if your email address appears on the dark web. The search giant will also provide guidance on the steps you can take to protect yourself further, like using one of the best password managers to securely store all of your passwords.

How to find out if your credentials are on the dark web

If you don’t live in the U.S. or just want to find out if hackers have your credentials now, there are several ways (including a few free ones) to scan the dark web for your passwords and email address.

The first and arguably the most popular is security researcher Troy Hunt’s HaveIBeenPwned. Hunt actually came up with the idea back in 2013 when analyzing data breaches for trends and patterns when he realized just how damaging they can be to ordinary users who might not even be aware of the fact their data was compromised.

Another free option that you can try out right now is Firefox Monitor. As with HaveIBeenPwned, you just need to enter your email address and Firefox Monitor will then search the dark web for your passwords and other sensitive data. However, the service also sends out alerts for new breaches in a similar way to Google’s dark web report.

NordVPN — that's the service we argue is one of the best VPNs today — features a Dark Web Monitor that “runs continuously” and provides results about compromised credentials in real time.

Now that Google is bringing Google One’s dark web report to Gmail for free, even more users will now be able to quickly find out if their credentials have been exposed on the dark web.

More from Tom's Guide

• FTC issues warning over urgent emails from PayPal
• How to use passkeys with your Google account
• Hackers are using this new Gmail scam to steal your data