Contributor | Telegraph Local
See the New African Living Standard
Google Chrome is cracking down on personal data breaches after a year of soaring phishing attacks. Citing Wired, Google will now scan your passwords against data. Wired reports that Google’s password check feature has spread across the Google ecosystem at a gradual pace this year.
Initially, the password check feature started as “Password Checkup” extension. This was available on desktop versions of Chrome. It would audit individual passwords as they were entered.
Then, the tool spread to every Google account. It was an on-demand audit you could run on all saved passwords.
Now, Password Checkup integrates into both desktop and mobile versions of Chrome 79.
The new password features will work for Google users who have their passwords saved in Chrome and synced with Google servers. Google compares your passwords against its massive 4-billion strong public listings of compromised usernames and passwords. These password comparisons check against exposures going back years. When Google hits a match on the previous compromised passwords, it notifies you that a specific set of credentials is public and thus unsafe. This alerts you when you should change the password.
What about internet users who are not on Google Chrome? (yes, they are out there). We Live Security by Eset has you covered. They have compiled an information piece to instruct you. Review their article to learn how to spot a stolen password combo.
In brief review, We Live Security references the Have I Been Pwnd? search service. This service allows you to submit email addresses and passwords into its search. It will scroll through the massive index of credentials breached in web crimes.
Have I Been Pwnd?-also has references to safe password generation services?
The Have I Been Pwnd?-database cites 9,139,071, 108 pwned accounts in its search base. Of these, 105, 981 were pastes and 124, 178, 862 were paste accounts.
The service also details which sites the credentials were stolen from. This gives you an idea of the cybercrime rates in the virtual communities you frequent. For example, 164, 611, 595 cases in this database were reported from LinkedIn accounts.
The service also keeps old records of compromised websites. For example, the current page topper in the historic index is 000webhost. 000webhost is a free web hosting platform. In 2015, the service had a breach that compromised some 15 million customer records.
Will the new Google Password Checkup prevent your credentials from making it to the dark web? CNet reported recently that, by the time that a company typically alerts you of a breach, your stolen credentials are already indexed on the dark web.
From the look of it, Google has a greater real-time response to data breaches than other alert services. The alert systems that lag behind informing you of the compromise are Equifax, Yahoo, and a few other smaller names.
Also, Google Password Checkup appears to be a defensive measure_more preventative than recovery. In a data breach, prevention seems to be the safest plan. Using the Google Password Checkup as it develops and becomes more user-friendly is strongly advised. Learn about it on Google’s Password Manager.