Google Chrome Password Checkup Warns Users of Account Breaches

Saturday, 09 Feb, 2019

Moreover, just in case someone obtains the person's passwords, using two-factor authentication (2FA) will still prevent other people from controlling user's accounts.

If you fall within the category, you'll then be alerted about your login credentials having been leaked in the past; and prompted to change your password.

Tech giant Google has rolled out a new Chrome extension called Password Checkup. By not using an online security auditing tool, users are exposed to a number of risks such as remaining logged in on old devices or not maintaining the correct account recovery details. "Through our initiative, we want to nudge Internet users by asking them #SecurityCheckKiya and encourage them to take action", Sunita Mohanty, Director, Trust and Safety, Google India, said in a statement.

The new plugin for Chrome was designed in collaboration with cryptography experts from Stanford University, although the extension is now available only for users of Google's browser.

These days, a website is breached all too regularly, and often, that means the accounts and passwords that go with that website are dumped and released to the web.

Put another way, you can always manually check to see if your username and password has been leaked to the Web, using the Hasso Plattner Institute's Identity Leak Checker, HaveIBeenPwned, or some other trusted database.

Many online scams stem from websites that are posing as legitimate services - such as a bank, insurance company, or even Google - which ask you for sensitive information such as passwords or financial details.

Google, however, says that it does collect statistics related to breaches and incidents, which should technically help the company improve the service.

Again Google claims that it will share only the basic information with the apps in such events.

While Google already resets passwords of user accounts who might have been affected by third-party breaches as part of an effort to limit the potential security impact on its users' accounts, this feature is limited only to Google accounts.

"Password Checkup was designed jointly with cryptography experts at Stanford University to ensure that Google never learns your username or password, and that any breach data stays safe from wider exposure", Google said today.