Board Thread:General Discussion/@comment-9605025-20200304001118/@comment-168424-20200304004048

It looks like Chrome just compares its saved password data to some breach list Google has somewhere.

Just a piece of advice. Never change your password from UI presented by a popup. Only change your password on a page served with HTTPS where you can verify the domain in the URL matches what you expect. Be careful of sneaky fake domains like gogole-security.com.