Google releases Chrome extension to check for leaked usernames and passwords
- Author: Terrell Bush Feb 07, 2019,
Feb 07, 2019, 0:50
"Google helps keep your account safe from hijacking with a defense in depth strategy that spans prevention, detection, and mitigation", blogged the company's anti-abuse team.
The two services are called Password Checkup and Cross Account Protection, and help protect users not just when they're using Google's sites and apps, but beyond that as well. If Google detects a username and password on a site you use is one of over four billion credentials that it knows has been compromised, you will get an alert and a recommended action. The extension enables you to find out which accounts have been compromised and prompts you to change unsafe passwords.
February 5th, 2019 happens to be Safer Internet Day, and Google is celebrating by releasing an awesome security tool that's available right away for all Chrome browser users. For instance, Google might tell third-parties app partners that your account was hijacked or that it required you to sign in again because of suspicious account activity, but beyond that, it doesn't sound like it'll share too many details in the interest of user privacy.
Beyond that, Google also announced Cross Account Protection.
While Google already resets passwords of user accounts who might have been affected by third-party breaches as part of an effort to limit the potential security impact on its users' accounts, this feature is limited only to Google accounts.
"This is our first version of the Password Checkup, and we'll be refining in the coming months". Sixty-nine percent of respondents rated themselves highly for how they protect their accounts, even though the responses to other questions in the poll would seem to indicate otherwise. When your Google account is compromised, Google will notify the apps and websites where you have used your Google credentials about the breach so that they can secure your account on their platform.
The internet giant said it has worked with industry bodies the Internet Engineering Task Force (IETF) and the OpenID Foundation in order to make it easier for other sites and apps to introduce it.