Google Password Checkup- Google’s new password checkup tool joins other similar services including Have I Been Pwned and Mozilla’s Firefox Monitor.
Google will soon alert Chrome browser users of weak or compromised passwords. The checks will be in real time as Chrome users visit a password protected website. Bad passwords will trigger a red dialogue box alerting users to take action to better protect their account.
The move integrates a feature previously only available via a Google Chrome browser extension called Password Checkup. According to Andreas Tuerk, product manager for Google’s Password Manager, the password checking feature will be integrate into Google Accounts and no longer require the browser extension.
“Later this year, we’ll build Password Checkup technology directly into Chrome for everyone—so you get real time protection as you type your password without needing to install a separate extension,” Tuerk wrote in a post Wednesday.
Users who allow their Google Chrome browser to store passwords for sites will alerted. However, if a user declines to have the Chrome browser “save” their password for a specific site, there is no red flag that the password is weak or compromised when visiting the site.
The password checkup feature, first released as a Chrome extension in February, cross references user passwords with the 4 billion username and password combos that Google said it knows have been breached.
“Until passwords become a thing of the past (trust us, we’re working on it), there’s a simple and secure solution: use a password manager, like the one built into your Google Account and Google Chrome,” Tuerk wrote. “It generates strong, unique passwords for all your online accounts, auto-fills them as you sign in, and helps keep them safe in a central place.”
Not the First Password Alert Service
The big “password problem” has plagued the security industry for years. Poor password hygiene, including reusing passwords or picking easy-to-guess passwords, is greatly exacerbating many of the major issues that plague the cybersecurity landscape, researchers like Troy Hunt have said in the past.