Google introduces ‘Password Checkup’ to save your credentials from data breaches
Tech giants are already facing scrutiny over data breaches that have caused millions of users to lose their credentials. Last October, Google dramatically announced that it would shut down Google+ this year due to a bug that exposed of 5,00,00 users’ data for about three years.
This new Password Checkup tool once installed will check passwords that are used for login and prompt warnings if the password used on a site has been compromised.
“We built Password Checkup so that no one, including Google, can learn your account details. To do this, we developed privacy-protecting techniques with the help of cryptography researchers at both Google and Stanford University,” Google mentioned in its blog post.
While data breach has now become a common phenomenon with users’ important credentials being sold on the ‘black market.’ Google’s new password checking tool has been introduced right on time when the recent ‘Collection#1’ hacks compromised several unique passwords and passed around a huge collection of 2.2 billion stolen logins.
This new tool is believed to work with the user’s current password manager and the passwords are said to be stored in the database in a hashed and encrypted form.
The Verge points out that any warning that is generated about users details is entirely local to their system.
Google says that it won’t bother users about their outdated passwords, however, the company will likely collect some ‘anonymous data’ from user’s Password Checkup usage including “the number of lookups that surface an unsafe credential, whether an alert leads to a password change and the web domain involved for improving site compatibility.”
As mentioned earlier, Password Checkup is currently available as a Chome extension. Google notes that since it is the first version, the company will refine it over the coming months and include “improving site compatibility, username and password field detection”.