Chrome Extension Spots Hacked Passwords

Chrome Extension Spots Hacked Passwords
Users will receive a warning when they enter login credentials which are known to have been compromised.

(CCM) — Google has launched an extension for its Chrome browser which automatically checks if users' passwords have fallen into the hands of hackers.

Once the Password Checkup extension is running in the browser it checks users' login credentials when they try to log into a web site to ensure that they are still safe. It triggers an automatic warning if a username and password combination is used which is among the four billion credentials which Google knows to have been compromised.

The warning will suggest that the login credentials are changed immediately to a new, secure, combination.

The Chrome extension was designed jointly with cryptography experts at Stamford University, Google says, ensuring that users' current usernames and passwords are not visible to Google or any other party, and that information about the use of compromised credentials is not exposed.

To avoid "advice fatigue" the extension will only warn users when credentials are known to have been compromised. It will not warn users when they have weak passwords (such as "123456") or passwords which have never been changed.

The company says that the extension is in the "early experiment" stage and it will therefore evolve over time as development continues.

Image: © Anthony Brown –