Google has launched a new password check — a way for people to see if the word they've entered online has ever appeared on a compromised list. The feature, called Password Checkup, is only available on Google Chrome, and requires a plug-in that needs to be downloaded and added to the web browser.
Once active, however, the plug-in will automatically alert people if the username and password they're entering is one of four billion that Google knows has already been compromised. If that's the case, the extension will automatically issue a warning, prompting you to change the password — and ideally anywhere else you use that password as well.
- TeenSafe app left thousands of email passwords unsecured
- MyFitnessPal hack hits 150 million users
- 5 ways to keep your cyber life more secure
Installing Password Checkup takes just four simple stepsGoogle
Password Checkup works only when it's needed. Instead of popping up often the feature will only send an alert if the actual combination of a user name and password has been compromised, Google explained.
Even though strong passwords are a better way to log-in to a site — and using two-factor authentication is an even preferred option — weak passwords, or those that are outdated won't trigger a warning. The goal is to only have people take actions when a security need is really needed.
Google also assured users that all information entered and read remains anonymous, by using a cryptography technique called blinding. That means the input and the output is not known to Google, said the company.
Updates to Password Checkup should be expected in "coming months," said Google.
Password Checkup will let you know if the passwords you're using haven't been compromised to Google's knowledgeGearBrain
Installing Password Checkup
For those who want to add the feature, Google has created an easy set-up for installing and launching Password Checkup.
- First, on a Chrome Browser, head over to the Chrome web store.
- Next, click on the blue button that says, "Add to Chrome."
- A prompt will appear, alerting you that the extension can read and change data on websites that you visit only. This is the key — the action that allows you to change compromised passwords.
- You can then click "Add extension" if you're ready to install the feature.
The entire installation should take about four seconds, at which point a green badge will then appear in the upper right part of your browser window.