Users of Google Chrome can download the extension, called Password Checkup, which monitors their various website logins.
The site notifies you when you log in with a username and password that has been compromised and triggers a warning to update your password.
The company can cross-check the logins against a database of more than four billion username and password entries.
Google CEO Sundar Pichai tweets: ‘Today, we’re introducing two new updates that will help keep your data secure: Password Checkup, a Chrome extension that helps protect your accounts from third party data breaches, and a new feature called Cross Account Protection.”
The second tool, Cross Account Protection, extends the Google ecosystem’s account hijacking and breach notices to apps that utilise Google Sign In.
To install, search the Password Checkup icon in your browser bar and download.
After that, Google claims that every time you sign into a site, Google will check your login credentials to see if they are still safe to use.
The database is regularly updated and gets the information from sources such as password dumps when a web site’s security has been exposed and the contents of the web site are dumped on the web.
Because many people use the same passwords across sites, criminals could try to use the information to gain access to other accounts.
Google says that its new browser extension has been built so that ‘no one, including Google, can learn your account details’.
They say users’ passwords and usernames will be ‘strongly hashed and encrypted’ so the company will not be able to see them itself.
Although some users were sceptical about the new extension: One writes in a forum on Hexus, a technology site: “yes please Google. have all of my passwords. thanks x”
Another comments: “Lol, I don’t think so.”
How can I choose a secure password?
According to internet security provider Norton, “the shorter and less complex your password is, the quicker it can be for the programme to come up with the correct combination of characters.
“The longer and more complex your password is, the less likely the attacker will use the brute force method, because of the lengthy amount of time it will take for the programme to figure it out.
“Instead, they’ll use a method called a dictionary attack, where the programme will cycle through a predefined list of common words that are used in passwords.”
Here are some steps to follow when creating a new password
DO:
Use a combination of numbers, symbols, uppercase and lowercase letters
Ensure that the password is at least eight characters long
Use abbreviated phrases for passwords
Change your passwords regularly
Log out of websites and devices after you have finished using them
DO NOT:
Choose a commonly used password like ‘123456’, ‘password’, ‘qwerty’ or ‘111111’
Use a solitary word. Hackers can use dictionary-based systems to crack passwords
Use a derivative of your name, family member’s name, pet’s name, phone number, address or birthday
Write your password down, share it or let anyone else use your login details
Answer ‘yes’ when asked to save your password to a computer browser.
(Daily Trust)
16 thoughts on “Google introduces a way to know your login details is safe”