Google are launching Password Alert, an open-source Chrome extension that helps protect Google and Google Apps Accounts from phishing attacks and encourages people to use different passwords for different sites, a security best practice.
When an employee with Password Alert installed enters their Google password into any site other than an authentic Google sign-in page (accounts.google.com), that employee will receive an email notifying them to change their password.
In addition, Google Apps admins can choose to deploy an App Engine App that allows for, among other things, auditing and notifications to admins when employees enter their passwords into non-Google websites, and the ability to force those employees to change their passwords after doing so.
As an admin, you can install the Password Alert Chrome extension for all or some members of your domain. To get started with Password Alert, check out the Help Center and FAQ linked below. The Help Center includes a useful Deployment Guide, which outlines the options and requirements for enabling Password Alert for your domain.