by 18a Editorial
Recently, 773 million email addresses and passwords were leaked online. Google has introduced a browser extension to help you find out if your details have been accessed. The Password Checkup Chrome Extension will scan your password when you use it online to see if it is found on a hacked database and alert you if your password is listed.
SocialMediaToday pointed out the risk with this is that Google will have to store your password. In response, Google has said:
"At a high level, Password Checkup needs to query Google about the breach status of a username and password without revealing the information queried. At the same time, we need to ensure that no information about other unsafe usernames or passwords leaks in the process, and that brute force guessing is not an option. Password Checkup addresses all of these requirements by using multiple rounds of hashing, k-anonymity, private information retrieval, and a technique called blinding."
A similar product was released in November 2018, that Mozilla shipped with Firefox, called Firefox Monitor. However, under a closer eye, the two services are different. Firefox Monitor shows a user a one-time alert if the website has been hacked in the last 12 months, and informs the users that they should change their passwords. Instead, Google's Password Checkup checks both usernames and passwords at the same time in correlation with hacked databases and notifies the user is their data has been accessed.
The Password Checkup Chrome Extension can be downloaded from the official Chrome Web Store.