Shutterstock
With the recent news revealing that hackers have matching email and password pairs of up to 2.2 billion records freely available on the dark web, Google has taken steps to help combat this.
Google has made it possible to automatically detect if you are using a compromised password by releasing a three Chrome browser extension that will verify if the password you are using is still secure.
The first thing to understand about “Password Checkup” the new extension you can add for free to your Google Chrome web browser is that it is not a password manager, but simply a warning service.
Google’s Password Checkup works by automatically comparing any password you input against a database of around 4 billion known usernames and passwords that have been breached, warning you if it finds a match.
If Password Checkup detects a match against your username and password combination to those that are known to have been breached, it informs you via a warning and advises you that you should change your password now.
You can use Chrome’s built-in password generator to generate a new secure password.
One thing everyone might be wondering, if this Google extension is checking all your passwords, then does that mean that Google has a record of all your passwords?
The answer is: No.
Google built Password Checkup to encrypt all data, so the extension has no way of actually seeing your data. Passwords in the database are stored in a hashed and encrypted form, therefore, any warnings that are generated regarding your details are entirely local to your machine.
As mentioned earlier, the free Password Checkup extension is not a password manager. It does not keep track of all your passwords, or offer you the ability to input “one password” to act as a key for everywhere you log in.
All that password checkup serves to provide is making you aware of when you are logging into websites using an email and password combination that has been compromised and is in the possession of hackers or has been posted on the web.
