Jump to content

Chrome now warns you if your password has been stolen

Recommended Posts

Chrome now warns you if your password has been stolen


Microsoft: 99.9 percent of hacked accounts didn’t use MFA


The browser’s latest version also aims to up the ante in phishing protection



Google has added a new feature to its Chrome web browser that will alert users if their login credentials have been compromised in a security breach, according to the company’s announcement.


This may sound familiar, and with good reason. The functionality builds on Chrome’s Password Checkup browser extension, which was rolled out in February of this year and has since been downloaded a little over a million times. In October, Google integrated the feature into Google Accounts, giving users an easy way of checking whether their saved passwords may have been leaked or stolen, as well as determine if their login credentials are weak or reused in multiple accounts.


Now, however, the company is making it even easier to find out if your username/password combinations may have been exposed. The feature – which is part of the release of Chrome 79 to the stable channel for Windows, Mac, Linux, Android, and iOS – has been made available for everyone who’s logged into the browser.


In a separate blog post, Google gave assurances that the usernames and passwords are hashed and encrypted and that nobody, including the company itself, is able to derive the username or password from the encrypted copy.


As an aside, if you don’t use Chrome, there are other ways to find out if your login details have been exposed in a known security incident. Our recent article sums up some of the most common options.



Source: Google



Phish me not

Recognizing an online phishing attack isn’t always easy, and Google has sought to help people stay safe from this pervasive con. Earlier this year, for example, the company rolled out a quiz that, drawing on real-life techniques deployed by scammers, tested users’ phish-spotting prowess.


Coming back to the present, on top of the integrated leaked-password checker, Chrome’s latest update includes real-time phishing protection. This security enhancement also builds on an existing functionality, as the browser has for some time displayed warnings to people when they attempted to navigate to sites known to pilfer logins.


The feature, which can be controlled in the ‘Settings’ tab under ‘Sync and Google services’, relies on Google’s service known as Safe Browsing, which contains a database of unsafe web resources that updates every 30 minutes. According to the company, however, many phishing sites slipped through the time window. Google says that the expansion of its phishing protection and real-time scanning on desktop has been shown to create alerts for an extra 30 percent of phishing sites.


Beyond that, the latest Chrome update also fixes 51 vulnerabilities, including two rated as ‘critical’.



Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Create New...