Google's Password Checkup Feature
A good password can protect your account from intruders, but only if it follows several basic security rules.
As such, every password you use must be unique for the account (no reusing with other accounts), it must have different characters (numbers, letters, special characters), and it mustn't be easy to guess (a name, a special date, or a common word).
It sounds simple enough, right?
Still, according to a poll by Google (published in February 2019), 52% of respondents declared they reuse passwords for some accounts while 13% said they use the same password for all their accounts. The same poll showed that only 24% of people use a password manager tool!
To make things worse, in 2019, Microsoft released a statement saying that 44 million Microsoft accounts were using leaked credentials.
These data are worrisome for any security specialist, but they should bother regular people (individuals and business owners) as well! Passwords are our main defence tool against intruders, and yet, most people don't seem to understand the risk of using weak and possibly compromised credentials.
Google is trying to change this lukewarm approach to people's personal online security by making the Password Checkup feature more vocal.
The feature was first launched in February 2019, as a Chrome extension and is now part of the Chrome browser and Google's Security dashboard. Its main purpose is to check users' logins against a database of 4 billion leaked credentials and warn users if it finds a match.
This measure is designed to prevent further data breaches. According to Google specialists if your credentials have been leaked, the risk of a data breach is 10 times higher than if you use credentials that have not been exposed.
people who've had their data exposed by a data breach are 10 times more likely to be hijacked than a person that's not exposed by one of these breaches,
As such, if you want to make sure your passwords are safe from prying eyes, go to the Security dashboard and follow the instructions. If you're prompted to change passwords because they are compromised, do so without hesitation!
It's important to specify that Google performs this search without invading your privacy (it doesn't see your password) and without risking exposure. Google compares a hashed and encrypted version of your login information against its database of leaked credentials without allowing anyone to see the data on either side.
Lastly, the work on the Password Checkup feature has just begun, as Google continues the work for a safer online environment. Until then, it's crucial that each person and business keeps a vigilant eye over their passwords and follows the rules for strong and unique credentials. Its also highly recommended to use Multi-Factor Authentication to make it close to impossible for hackers to get in if your passwords are exposed.
If your interested in implementing Multi-Factor Authentication or using a password management tool to manage all your unique passwords, get in touch with our team to get expert advice and help with implementation.