Chrome's new tool warns about breached passwords

Science

06 Feb 2019

Chrome warns if your password has been leaked: Here's how

In a bid to boost online security, Google has launched a tool that automatically checks if your password has been leaked anywhere on the internet.

It comes in the form of a Chrome extension, named 'Password Checkup', and issues an alert if you are found to be using a breached password.

Here's how you can use it to stay safe online.

Breach issue

Problem of data breaches: You just can't stop them

Problem of data breaches: You just can't stop them

Data breaches are a common occurrence and, frankly speaking, there's no stopping them.

You cannot stop hackers from breaking into sites, but the impact of their attacks can definitely be contained by having unique passwords for every service.

This way, whenever a platform is compromised, you can just change the password for that account and everything else remains unaffected.

Need

However, you'll need to know which password has been compromised

In order to secure your account(s), you have to first know which username-password combinations have been compromised

This is exactly where Google's Password Checkup comes in.

Once you will install it and log in on a website, it automatically checks your details against a database of 4 billion leaked passwords to confirm whether the password you're using has been leaked or not.

Love Tech news?

Stay updated with the latest happenings.

Yes, notify Me

Warning

If a match is found, Google will alert you

If a match is found, Google will alert you

If a match is found after scanning username-password, the extension will issue bold-red warning alert noting that the password you're using for logging in has been compromised.

With this information, and the fact you're already logged in, you can change the password on the service in question and pick a new unique one.

The password-picking process can be handled by any good password manager.

Security

Also, do note that every detail remains encrypted

As the process is dependent on sending data to Google, the search giant has emphasized it employs extensive techniques to keep your username and passwords safe.

It keeps all leaked passwords and the ones they're matched against in a strongly hashed and encrypted form.

Plus, the final matching happens locally, which is why nobody can ever know what your password is.

Share this timeline

Share this timeline

Ask NewsBytes
User Image

Most asked questions

How to get this tool?

Is this better than 'Have I Been Pwned'?

Will Google read by information?

Which password manager to use?

More questions

How to get this tool?

Asked 2019-02-06 16:38:44 by Ridhi Nair

Answered by NewsBytes

You can download this extension by heading over to the Chrome's extension store and searching 'Password Checkup'.

Is this better than 'Have I Been Pwned'?

Asked 2019-02-06 16:38:44 by Pari Mehra

Answered by NewsBytes

Have I Been Pwned also hosts a massive database, but you cannot use to get alerts when logging in.

Will Google read by information?

Asked 2019-02-06 16:38:44 by Pranav Jhadav

Answered by NewsBytes

Google claims it partnered with Stanford's cryptographers to make this process fully secure. So, there's no way anyone could be reading or using your confidential password.

Which password manager to use?

Asked 2019-02-06 16:38:44 by Hansika Malhotra

Answered by NewsBytes

You could use Chrome's own password-generator or choose LastPass or 1Password. They both are pretty effective.

Next Timeline