Google warns with Chrome extension about leaked passwords

Spread the love

Google has released the Chrome extension Password Checkup. That extension warns users if they log in somewhere with data that has previously been captured in a hack or leaked. Google claims to have a database with four billion credentials.

The database that Google uses to verify credentials with the Password Checkup extension does not contain the actual data, but hashes and an encrypted copy. By comparing the hashes, the extension can see whether the data that users enter when logging in is part of a data breach.

Google developed the extension in collaboration with cryptography experts at Stanford University. According to the search giant, they have ensured that Google itself can never view the usernames and passwords of the accounts concerned and that the data cannot leak further.

Google also announced that it has reset passwords of 110 million users in the past two years as a precaution. These are passwords that were found in collections of accounts in combination with the e-mail address of the users.

Such collections with billions of accounts are publicly available online. A collection with 2.2 billion accounts appeared at the end of January, after a collection with 773 million email addresses and 21 million passwords appeared online earlier that month. The collections often consist of combinations of data that were captured during previous hacks in recent years.

You might also like
Exit mobile version