<img src="https://certify.alexametrics.com/atrk.gif?account=kla4t1zDGU20kU" style="display:none" height="1" width="1" alt="">

New Chrome extension checks if your passwords have been leaked

by Cybersprint News Feb 7, 2019

Google has released a Chrome extension that automatically detects if your entered password has ever been leaked. “Password Checkup” was announced on 5 February, and functions as your silent security assistant as you surf the web.

There have been several announcements of password leaks over the past few weeks. “Collection #1” and a week later “Collection #2-5”, for instance, leaked a total of nearly 3 billion email addresses and passwords. These immense data dumps then circulate the internet, meaning your professional or personal email details could be in someone else’s possession.

You can check whether your email address has been leaked in any of the identified data dumps in several ways, such as via the site haveibeenpwned.com. The site, managed by cyber security expert Troy Hunt, runs your email address through a database of known leaks. It tells you if your email has ever been part of a leak, so you can change your password accordingly. However, like most people, you probably use one email address for many different web accounts, making it difficult and time-consuming to trace and adjust all passwords.

Google’s Password Checkup works in a similar way to haveibeenpwed.com, but doesn’t require your active input. It runs in the background and automatically checks whether the password that you have just entered has been leaked. If it is, it will let you know via a notification so you can prevent an account takeover. The database consists of roughly four billion usernames and passwords.

The method does raise some concerns about Google collecting your passwords. However, Google security and anti-abuse research scientist Kurt Thomas states that “Google never learns your username and password in the process.”

Also, the extensive database makes a data breach on Google’s part all the more dangerous. Still, Google’s own digital security is top-notch, especially for this kind of data. They collaborated with cryptographers at Stanford University to devise layers of security measures that scramble the database, providing very strong anonymity of the information. You can read more about the extension and the decryption here.

Password Checkup seems to be a convenient aid to your online security, for both professional and private use. Combining the service with a password manager that remembers and auto-fills your (preferably randomly generated) passwords will significantly decrease the chances of finding your details in the next data dump.

Participating in the global 2019 Urban Resilience Summit

From 8-11 July 2019, the 100 Resilient Cities network will pay a visit to The Hague and Rotterdam to join the 2019 Urban Resilience Summit. The visitors will visit the Cyber Living Lab at The Hague Security Delta campus, where participants, representing cities from all over the world, will join to learn about the innovation processes and best practices. Cybersprint will present and demonstrate their Digital Risk Protection platform with features especially developed to scan the digital footprint and help a city’s cyber resilience.

read more

The Rise of Automated Hacking

There is a shift in the way cyber criminals are targeting organisations. The methods of mass phishing and hacking are making way for more directed and personalised attacks. They carefully select their targets and craft convincing messages. However, that takes much more time and preparation. To make up for that, they now use automated techniques to carry out attacks. How can you protect your organisation from this emerging threat? 

read more

Cybersprint at Infosecurity Europe

Cybersprint will be participating in the Infosecurity Europe in London, from 4-6 June 2019. Our stand will be located in the Holland IT Security House at stand M40. We invite you to come and pay us a visit and learn more about overcoming your organisation’s cyber security challenges with our Digital Risk Protection solutions. Moreover, our colleague Robert Krenn will present on the value of ‘automated hacking’ on Thursday 6 June.

read more

Do you have a question?

Our experts have the answers

Contact us