New Chrome extension checks your passwords against data breaches
Google is rolling out a new Chrome extension that will automatically check your password to make sure they have not been exposed to third-party data breaches. Password Checkup, which is available from the Chrome Web Store, supports most US sites.
The extension, once installed, automatically reads any login data that you enter and checks it against a database of nearly four billion usernames and passwords that are known to have been breached.
Google announced the new extension via its blog. Google already automatically resets the password on your Google Account if it is known to have been reached, and now Mountain View says it wants to "provide you with the same data breach protections for your accounts, beyond just Google apps and sites."
If you enter username and password data that positively matches Google's database of hacked or exposed logins, the extension will trigger an automatic warning and suggest that you change your password.
"We built Password Checkup so that no one, including Google, can learn your account details," writes Google in the blog post. "To do this, we developed privacy-protecting techniques with the help of cryptography researchers at both Google and Stanford University."
You can add the Password Checkup extension now.
Cross Account Protection
Google also announced that it was bringing its security tools to apps that you sign into with Google Sign In. With Cross Account Protection, Google is able to send information about security alerts to apps and sites that have implemented it - allowing for greater protection.
Google says that the security events have been limited to protect your privacy. The blog post stated that: "We only share the fact that the security event happened, we only share basic information about the event, like whether your account was hijacked, or if we forced you to log back in because of suspicious activity, and we only share information with apps where you have logged in with Google."
What do you think of Chrome's new security measures? Will you be installing the extension?
Via: The Verge Source: Google Blog
Whose database of vulnerable passwords are they checking against?