New Google Tool For A Safer Online Activity
As part of Safer Internet Day, an initiative supported by the European Commission and other organizations for a safer internet for kids, Google have released a new IT security tool called ‘Password Checkup’ which is a Google Chrome extension.
The extension’s main purpose is to check combinations of username and password users input on various logins in their daily online activity against a list of leaked credentials. If any of these combinations are flagged, the extension warns the user to change them, to avoid any unwanted infiltrations. Of course, there are other tools to help users check the status of their online safety such as have I been Pawned, which checks your email address against a database of compromised websites or services, but the Password Checkup doesn’t require any extra actions, it just works in the background.
The database used was put together by Google engineers from all sorts of data breaches that happened over the years and now contains over a billion leaked credentials.
How to Use the Extension
The Password Checkup extension is easy to use and won’t hinder your device’s performance. All you have to do is install it from the Google Chrome Web store. Once installed, the extension will run a quick checkup and, if everything is in order, will show up in your upper-right corner of Chrome.
From here, the extension will continue working in the background, checking your credentials with every login, and sending warnings if any of your accounts are in danger.
If your using G Suite or have Google Chrome Enterprise for your Chromebooks, you can deploy this extension to all your devices automatically using Google Chrome Management. If you need help with this, your Managed Services provider or G Suite Partner should be able to set this up for you. Otherwise Onsite Helper can do this as well.
It is Safe
Yes, it’s natural to wonder what would happen if someone would hack Password Checkup, but according to Google neither them or an attacker have access to your credentials. The extension was specially designed so that it won’t have direct access to your sensitive information and thus it can’t allow access from outside.
Google talks more about the type of encryption used to protect users from any prying eyes (even Google’s) in their official announcement, so if you’re interested, make sure to check it up.Keep in mind
that the extension won’t display an alert if you use passwords that are extremely common (‘1234’ for instance) because it works with both usernames and passwords. So, it will only display a warning if both the entire username-password combination has been leaked.
Google representatives say that Password Checkup is extremely useful nowadays because attackers use old lists of leaked credentials to launch stuffing attacks. So, if you tend to use the same username and password combos on all your accounts, it’s best to re-think your strategy.
This is especially important for companies and crucial for the ones who process sensitive data and is a good fit businesses operating in the cloud with G Suite. If your database is leaked, besides losing your credibility in front of customers, you may breach GDPR rules and you will be affected by other privacy laws in place.
This extension is not the only security measure you should consider, but it is extremely helpful to have it on your devices.To learn more about Business IT Security, Cyber Security and its importance, check out our articles here:
Onsite Helper Recommends The Best Google For Work Chrome Extensions & Apps
Chrome Management: The Perfect Tool To Keep Your Business Under Control
7 Ways To Secure Your Accounts Against Phishing In G Suite
Find Out If Your Credentials Have Been Leaked On The Internet
The Real Cost Of IT Issues