Google's Password Checkup Will Alert If Your Password Was Breached

Har Devarukhkar - Oct 05, 2019


Google's Password Checkup Will Alert If Your Password Was Breached

Password Checkup, a Google Chrome extension, is released to warn users if they reuse old passwords or make up weak ones.

According to Harris Poil and Google’s survey released Wednesday, about 25% of US people are using simple passwords such as “123456,” “abc123,” and “Admin.” If you are using such simple passwords, Google now helps you will its Password Checkup tool, which has been added to its accounts management service.

The search giant said that this tool would be integrated into its Password Manager, and it will warn users of their passwords and usernames were hacked in data breaches. Back in February, Google initially launched the tool as an extension in Google Chrome.

googles-password-checkup-will-alert-if-your-password-was-breached-1
Google's Password Checkup tool will help you improve your passwords

According to Mark Risher, director of account security at Google, the extension was meant to be a default tool. When the company rolled out the extension in February, it aimed to experiment with the way of presenting this toll to the public, Risher explained, but the ultimate goal was bringing it to many people as it could.

"The state of passwords is so bad that we want to turn this on for every user across the internet," he stated.

Hackers have a special technique known as credential stuffing. As users tend to reuse their passwords for different accounts, hackers will try to enter those passwords, signing in the most accounts possible. For example, in 2012, your account information in a Yahoo breach was stolen. If you reused it, those credentials could be used by hackers to hack your Dunkin’ Donut account years later.

googles-password-checkup-will-alert-if-your-password-was-breached-2
The tool will alert if your password is no longer safe

The survey results showed that 66 percent of respondents used one password for several accounts, making them targets for attacks. The new extension could notify users by automatically checking the credentials of users, finding out if their data were hacked. It is something that Google's Nest, Facebook, and Netflix also do.

As stated by Risher, for a month, approximately 10 million passwords were scanned, and over 1 million users have downloaded the extension since February. Blinding, a special cryptography technique, is used so that without viewing people’s data, Google can compare their passwords with a leaked password database in different public breaches.

Eight months ago, the search giant reported that it has 4 billion passwords and usernames in its database, which it gathered from public breaches. The database keeps growing as more breaches happen. Also, the credentials are encrypted and hashed.

Risher also said that during the first month of installing the extension, nearly 50% of users received at least an alert about their exposed passwords. He also added that Google Checkup helped to protect about 750,000 accounts. After having looked through 21 million logins last month, they had detected 316,000 passwords that were breached.

googles-password-checkup-will-alert-if-your-password-was-breached-3
The tool will be added to Password Manager

Google will add the Password Checkup too to its Password Manager, which means people don't have to download the extension. However, it will not be an automatic checkup, so users will have to use the tool each time they learn about a new breach.

This December, when the tool is integrated into Chrome, only when users sign in to accounts will the vulnerable password be flagged. The company may make the tool automatic in the future, Risher said.

When people see the advantages and understand how beneficial the tool is, the company will quickly develop the automatic mode.

googles-password-checkup-will-alert-if-your-password-was-breached-4
Weak reused and breached passwords will all be identified by this tool

Besides detecting breached passwords, reused or weak ones like “123456” will also be identified. Password Checkup will remind users to update vulnerable credentials as well as save different passwords to the Password Manager.

Password quality is measured base on the guidelines of the US National Institute of Standards and Technology. In the guidelines, a password should have eight characters in minium and users shouldn't use words that can be found in the dictionary.

"We're super confident that this is beneficial and makes people more secure," said Risher.

Next Story

Read More

7 Emerging Technologies That Can Pose Major Threats To Cybersecurity

Features- Oct 14, 2019

7 Emerging Technologies That Can Pose Major Threats To Cybersecurity

With only a few months left, 2019 has seen a slew of new cybersecurity threats. Citizens and government agencies have both fell victims of these attacks

Celebrity Voices Update For Google Assistant : How To Get It

How To- Oct 12, 2019

Celebrity Voices Update For Google Assistant : How To Get It

Google announced the new voice to hit Google Assistant in full on Oct 10th, 2019. This is the 2nd celebrity voice after the 1st one released back in 2018

Fitness Trainer Used 369 Fake Instagram Accounts To Harass Her Competitors

Features- Oct 14, 2019

Fitness Trainer Used 369 Fake Instagram Accounts To Harass Her Competitors

A fitness trainer named Tammy Steffen has been arrested by the FBI for creating 369 fake Instagram accounts to harass her competitors.

Nokia 6.2 Arrives In India With Snapdragon 636 Chipset And Dot Notch Display

Mobile- Oct 14, 2019

Nokia 6.2 Arrives In India With Snapdragon 636 Chipset And Dot Notch Display

The Nokia 6.2 is the latest Android One phone from HMD Global, coming with pre-installed Android 9.0 Pie at launch and a dot notch display.

Best Cases For Samsung Galaxy S10, S10 Plus, And S10E

Gadgets- Oct 12, 2019

Best Cases For Samsung Galaxy S10, S10 Plus, And S10E

No matter which S10 phone you buy, there are many cases out there for it. And below are some of the best case choices for your Galaxy S10 smartphones.

Learning New Languages Is Now Just A Cakewalk For Alexa

ICT News- Oct 14, 2019

Learning New Languages Is Now Just A Cakewalk For Alexa

Here's why Alexa could become a polyglot in the near future.