New Delhi: Google has warned its users across the globe that billions of passwords – credentials for sensitive financial, government and e-mail accounts, were at risk of being hacked.
In a recent blogpost, the leading search engine stated that cyber criminals have been routinely trying to sign-in to sites through credential on the web exposed by third-party breaches. Consequently, cyber experts are urging users to install an additional password protection with the ‘Password Checkup’ add-on from Google Chrome web browser.
“Based on anonymous telemetry reported by the Password Checkup extension, we found that users reused breached, unsafe credentials for some of their most sensitive financial, government, and email accounts,” the blogpost read.
The Password Checkup extension ensures that your password is unique, that is, it hasn’t already been stolen. Moreover, it displays a warning on the screen if you sign in to a website using “one of over four billion usernames and passwords” that have been hacked.
How to check your password
Step 1: Download the free Password Checkup extension from the Google Chrome Webstore.
Step 2: Once installed, the Chrome extension will appear on the righthand corner of the URL bar. The add-on will run in the background of your browser and check the login details recently used.
Step 3: If your password matches a Google database of more than four billion compromised credentials, the Google tool will automatically flag it.
Step 4: An alert will pop up on your screen that reads: “Password Checkup detected that your password for [website] is no longer safe due to a data breach. You should change your password now.”
Step 5: You can then change your password with a more secure one.
Google had announced the Password Checkup extension for Chrome in February this year. The tech giant said that in the first month alone, it scanned 21 million usernames and passwords, and flagged over 3,16,000 accounts as unsafe – which was 1.5 per cent of the sign-ins scanned by the extension.
However, assuring that all user information is encrypted, Google said it has no way of seeing your data.
“We built Password Checkup so that no one, including Google, can learn your account details… It never reports any identifying information about your accounts, passwords or device,” Google said.