Password hacks and other security breaches have become an unfortunate and frequent headline in recent years, with massive amounts of data being compromised. In 2018 alone, Facebook saw the personal details of 30 million of its users stolen. At this stage, it's becoming more unusual not to have at least one online account associated with a privacy disruption.
A new update for the Google Chrome browser may be able to keep you better informed of breaches and possible risks to your personal information. Dubbed Password Checkup, the extension matches your login credentials against a database of known compromised usernames and passwords. If your sign-in is no longer secure, you'll receive a warning to change your identification.
The obvious question is whether Password Checkup risks a security breach itself by regularly analyzing your username and password data. Google says that the information transmitted is encrypted and that the company neither recognizes nor retains any of your login data.
Password Checkup might be the most convenient way of keeping track of any compromised passwords, but it's not the only one. We previously told you about Pwned Passwords, a searchable database of vulnerable passwords, and advised on the use of password managers, which can use complex credentials that aren't as vulnerable to leaks.
Google relies on a pool of more than 4 billion compromised usernames and passwords for its security alerts. (The company, for the record, says it never pays for access to stolen credentials.) But it is by no means a definitive list. WIRED reporter Lily Hay Newman tested an account she knew had been exposed in a breach: Password Checkup didn't flag it.
While likely a valuable tool, Password Checkup and applications like it should be part of a multi-tiered approach to security that includes a strong—and unique—password for each site.
[h/t The Verge]