# Change At-Risk Passwords

If you see a **Review and change at-risk passwords**or a**Your password is at-risk, update it now** banner, you have a password in your vault that should be replaced with something stronger. This banner is appearing to you for one of two reasons:

- The administrative team for your organization has identified a weak, re-used, or exposed password and requires you to update it, you may also receive an email informing you of this. Browser extensions will report in the **Vaults** view when your admin team requires you to update a password.
- As a Premium user, a weak, re-used, or exposed password has been automatically identified by underlying [vault health reporting](https://bitwarden.com/it-it/help/reports/) and suggested by Bitwarden as an important opportunity to improve your security hygiene. Browser extensions, desktop apps, and the web app will report in the **Item** view when a particular password should be improved.

![Change an at-risk password](https://bitwarden.com/assets/2N1WqXBUVvutN9qQR73WbQ/ad56aeac00234010b56e1cc74a4ba542/2025-04-25_13-08-23.png)

In your browser extension, click the banner and use the **Change**button for each at-risk password to replace a weak, re-used, or exposed password with a strong new one. In most cases, the browser extension will guide you directly to that service's "Change password" page. Remember that:

- You must change the password within the website's "Change password" form as well as within Bitwarden.
- You should use the [password generator](https://bitwarden.com/it-it/help/generator/#tab-browser-extension-6xKx6UelBVUbCceB9IupEa/) to create a strong and unique new password.