[SOLVED] Exposed Password / Change Your Password - Browser Prompt


I’m trying to implement a user system in Meteor. I’ve got a simple login form which takes a username and password and logs in using the loginWithPassword Meteor method.

I have followed the Meteor documentation. Regardless of if I have the ‘insecure’ package installed or not, it throws this error:

"Change your password

A data breach on a site or app exposed your password. Chrome recommends changing your password on localhost:3000 now."

Screenshot 2020-10-11 at 18.18.24

It seems to only happen when I trigger a redirect right after calling the loginWithPassword function. I tried to call it immediately after, within loginWithPassword callbac, within an Accounts.onLogin function that is called right it and an Accounts.onLogin function that is called within it’s callback, but I have had no luck.

I thought I might have needed to use DDP / Accounts (multi-server) but it appears not - I would have different errors for that, would I not?

Any help would be greatly appreciated.

Thank you!

This message comes from Chrome, so the whole thing has nothing to do with Meteor.

Chrome has access to each password field, and uses its content to perform a search in Google’s database of passwords of hacked/compromised accounts. If there is a match with the password entered by you, no matter how trivial, Chrome presents this warning.


Olay, that’s a relief. Thank you very much, @peterfkruger!

I was using a very generic “q, q.q@q, q” login to make it quicker for myself - I guess that’s why.

1 Like

You’re welcome! I wish every problem went away in an instant as easily as this. :wink:

1 Like