Google is committed to making your internet experience safer and secured. In a bid to do so, a new security tool by Google is introduced that protect you from harmful passwords.
Starting next week, Password Checkup, an optional extension Google launched earlier this year, will be integrated into Chrome’s in-built password manager.
This feature will function on 2 main axes. First, just like the Password Checkup extension, it will check if username-password combinations have been compromised in any of the past data breaches. For this, Google has curated a database of over 4 billion leaked credential combinations. In case, the password manager finds a leaked combination being used, the user will be alerted. To ensure the security of the already leaked data, this database will be encrypted.
Second, the feature will rate password strength and check for reused ones.
At present, a Chrome web dashboard user can access the feature on passwords.google.com, where all saved passwords are synced to. The new option appears on top of the page with a button to “check passwords“. It’s accessible with Android, Windows, MacOS, and iOS. However, the inbuilt version is available on Chrome Canary, the version where new features are tested.
On the Chrome browser, the feature will only operate if a user’s Chrome profile is a Google account.
The launch of this feature certainly bears witness to Google’s dedication to the security of millions of internet users worldwide that use any of Google’s service. It shows that Google is willing to take steps to improve its security, the effectiveness of which has been questioned on multiple occasions. In 2014, a bug known as Heartbleed made it easy for prying eyes to access system data. In the same year, the credentials of 5 billion Google users were found going around Russian cybercrime websites. In 2016, it was discovered yet again that user data has been leaked. Much recently, a security loophole was also found in Google Calendar.
Even so, security bugs aren’t the only way data is being stolen. In August, Google conducted a survey with The Harris Poll to gain substantial data on the ‘password habits of Americans’. The survey unearthed many widespread habits that make data breaches easier. The study showed that a significant number of users come up with simple passwords and then reuse them across a number of services. Another sweeping trend is the use of names of family members and pets in passwords. Since personal data is no longer secure, such passwords also become significantly easy to hack into.
There are many other similar websites and extensions across the internet that let a user know if their data has been breached. One such example is, Have I Been Pwned, a website that has its own database of breached data which lets users know the security status of their own data. Another such service is the Firefox Monitor. However, Google insuring its users against breaches through an automatic internal system will prove to be more useful in the longer run.