A hot potato: By this point, it's a near certainty that at least one set of your login credentials have been exposed via data breach. If you don't change your passwords on a regular basis, it's possible that valid credentials are floating freely on the Internet, just waiting for a nefarious party to exploit. Google wants to help make sure that doesn't happen.
Google has partnered with cryptography experts at Stanford University on the development of a new Chrome extension designed to help keep your accounts safe from hijacking.
With the Password Checkup extension, Chrome will trigger a warning if you sign into a website using a username and password combination found in Google’s database of over four billion credentials stolen as part of third-party data breaches.
When duplicate credentials are detected, Google will prompt you to change your password.
The search giant said it designed Password Checkup to never reveal your personal information to Google. All statistics about usage, including the number of lookups that surface an unsafe credential and whether an alert leads to a password change, are anonymous.
Furthermore, safeguards were put in place to prevent an attacker from using the extension to unearth credentials, such as prohibiting brute-force guessing.
Also worth mentioning is the fact that Google will only alert you if both your current username and password appear in a breach. Outdated and weak passwords won’t generate an alert, Google said.
Password Checkup is available as of writing as an extension for Chrome. Being the first iteration, Google said it will continue to refine the extension over the coming months to improve site compatibility and field detection.
Lead image courtesy Billion Photos via Shutterstock