The Google has introduced a new Password Checkup Chrome extension to help keep your password safe. Whenever you sign in to a site, The Google Password Checkup Chrome Extension will trigger a warning if the username and password you use are one of over 4 billion credentials that Google knows to be unsafe. You can download it from the Google Chrome webstore.
The Google Password Checkup Chrome Extension was designed jointly with cryptography experts at Stanford University and is ensuring that it never learns your username or password and that any breach data stays safe from wider exposure. However, the Password Checkup is an early experiment at the moment. Since alerts prompt users to be extra careful, Google is focusing only on warning you about unsafe usernames and passwords.
The Google says that it designed Password Checkup to prevent an attacker from abusing Password Checkup to reveal unsafe usernames and passwords. All statistics reported by the extension are anonymous. These metrics include the number of lookups that surface an unsafe credential, whether an alert leads to the password change and the web domain involved for improving site compatibility.
The Google Password Checkup Chrome Extension is designed in a way to only alert you when all of the information necessary to access your account has fallen into the hands of an attacker. It only generates an alert when both your current username and password appear in a breach, as that poses the greatest risk. The Google Password Checkup is currently available as a Chrome extension. Since this is the first version, Google says that it will continue refining it over the coming months, including improving site compatibility and username and password field detection.