Type “data breach” into Google.
Cry. Then change all your passwords yet again.
And then download Password Checkup, a new — and free — Google Chrome plug-in that alerts you when you attempt to sign in to any site affected by a data breach.
It’s pretty innocuous. A small PC icon appears in your browser bar and the extension works quietly in the background. If you’re alerted about a breach, it’ll warn you to reset your passwords on other sites that use the same username and password as well. That’s it.
Now, the real question is: Is trusting Google with passwords like trusting Facebook with a VPN? Google, which designed the extension with cryptography experts at Stanford, claims it’ll never report any “identifying” info about your accounts, passwords or devices. “We do report anonymous information about the number of lookups that surface an unsafe credential, whether an alert leads to a password change, and the domain involved for improving site coverage,” they note. A very detailed explanation of their security and privacy requirements is located here.
Because it lacks the bells and whistles of a password manager — which can be used across devices, recommend difficult-to-crack combinations and also warn you about weak or reused passwords along with breaches — we find Password Checkup a useful tool that should be used in tandem with the likes of LastPass, 1Password or, our favorite, Dashlane.
You really cant be too safe these days.
H/t Wired
Photo by Alejandro Escamilla on Unsplash
This article was featured in the InsideHook newsletter. Sign up now.