Google has launched a Chrome extension that will warn users if their username or password has been compromised.
The Google Chrome extension, named Password Checkup, checks for the username and password in a list of 4 billion credential that is known to be compromised and warns the user to change the password.
The extension works in a similar way to HaveIBeenPwned.com which also does a lookup on emails and passwords and would display if either exists in its list of compromised username and passwords.
HaveIBeenPwned.com is one of the largest repositories that allows people to search if their credentials have been compromised. You can use it to check if any of your emails and passwords are in its billions of records.
Password Checkup goes beyond Google sites and apps
While Google already warns its users if it thinks the account has been
The extension was built by cryptography experts from Google and Stanford University.
Cross Account Protection
Google also launched a new feature called Cross Account Protection which also protects your Google Account in apps there you have used Google Sign In.
Cross Account Protection will send information about security events to apps and sites where the users has used Google Sign In.
To protect the users Google limits the security event by
- Sharing only an indicator that a security event has occurred
- Only basic information about the event is shared, e.g. if the account was hijacked
- The information is only shared with apps where the users have logged i
The Cross Account Protection is built in collaboration with major technology companies and follows the community standards from Internet Engineering Task Force (IETF) and OpenID foundation to make it easy to implement.