Passwords are one of the major weapons we have at our disposal in the battle to keep us safe and secure when we’re online. Strong passwords include many different characters, both numbers and letters, and should be at least eight characters long. We should also change our passwords regularly to keep ourselves as safe as possible.
The thing is though, that even if we have strong passwords that we change regularly there are still ways for our security to be undermined. Massive data breaches like the one that struck Yahoo could see our security credentials end up in the wrong hands, and our accounts compromised until the next time we change the affected passwords. Fortunately, Google is here to help us prevent such situations arising.
New Chrome extension “Password Checkup” will automatically detect if your password has been exposed by a data breach
Google has recently fallen victim to its own data breach, which led to the closure of the search giant’s long-suffering social network Google+. The bug exposed over half a million Google+ user accounts and exposed their data to third-parties.
It is unsure whether this lies behind Google’s move to develop a password checking Chrome extension, but the blog post announcing the move had this to say, “We built Password Checkup so that no one, including Google, can learn your account details. To do this, we developed privacy-protecting techniques with the help of cryptography researchers at both Google and Stanford University.”
The way the new extension works is by cross-referencing every login detail you use against a database of over 4 billion security credentials Google knows to be compromised. The extension requires little-to-no effort once it has been installed. You’ll notice the icon in the top-right corner of Chrome and that will be it. The extension will then work in the background automatically, whenever you sign into websites. If it detects a compromised set of login details, it’ll alert you and prompt you to change them.
According to The Verge, the tool works with Chrome’s password manager and all passwords are stored in a hashed and encrypted form. Also, all warnings that the extension displays are local to the user’s system. Google has announced, however, that it will collect some user data on how the new extension affects user behavior. This will include data on whether an alert prompts action from the user like the changing of the compromised security details.
Password Checkup is available now as an extension for the Google Chrome browser. When announcing the extension, however, Google was quick to point out that this is still an early version of the tool and that it will continue to develop and refine it further over the next few months.