This year, on February 5th, we celebrated Safer Internet Day, an initiative supported by the European Commission and other organizations for a safer internet for kids everywhere. On this occasion, Google responded by releasing the ‘Password Checkup’ Chrome extension.
The extension’s main purpose is to check combinations of username and password users input on various logins in their daily online activity against a list of leaked credentials. If any of these combinations are flagged, the extension warns the user to change them, to avoid any unwanted infiltrations. Of course, there are other tools to help users check the status of their online safety, but the Password Checkup doesn’t require any extra actions, it just works in the background.
The database used was put together by Google engineers from all sorts of data breaches that happened over the years and now contains over a billion leaked credentials.
How to Use the Extension
The Password Checkup extension is easy to use and won’t hinder your device’s performance. All you have to do is install it from the Chrome Web store. Once installed, the extension will run a quick checkup and, if everything is in order, will show up in your upper-right corner of Chrome.
From here, the extension will continue working in the background, checking your credentials with every login, and sending warnings if any of your accounts are in danger.
It is Safe
Yes, it’s natural to wonder what would happen if someone would hack Password Checkup, but according to Google neither them or an attacker have access to your credentials. The extension was specially designed so that it won’t have direct access to your sensitive information and thus it can’t allow access from outside.
Google talks more about the type of encryption used to protect users from any prying eyes (even Google’s) in their official announcement, so if you’re interested, make sure to check it up.
Keep in mind that the extension won’t display an alert if you use passwords that are extremely common (‘1234’ for instance) because it works with both usernames and passwords. So, it will only display a warning if both the entire username-password combination has been leaked.
Google representatives say that Password Checkup is extremely useful nowadays because attackers use old lists of leaked credentials to launch stuffing attacks. So, if you tend to use the same username and password combos on all your accounts, it’s best to re-think your strategy.
This is especially important for companies and crucial for the ones who process sensitive data. If your database is leaked, besides losing your credibility in front of customers, you may breach GDPR rules and you will be affected by other privacy laws in place.
This extension is not the only security measure you should consider, but it is extremely helpful to have it on your devices.
To learn more about online safety and its importance, check out our articles here: