Google launches Chrome extension to find if someone has stolen your password

Another new tool will try to stop hackers if they do successfully make it into an account

Andrew Griffin
Wednesday 06 February 2019 04:55 EST
Comments
Google was handed a record fine for breaching GDPR rules
Google was handed a record fine for breaching GDPR rules (Getty)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Google is trying to warn people that their passwords are being stolen and used across a wide variety of sites.

The company has released a new Password Checkup tool, which can be added to the Chrome browser and will alert people if their account details have been caught up in a cyber attack or a data breach.

If a login is stolen and made available on the internet, a pop-up will show up making clear the details are no longer safe and that they should change their password.

The tool has been designed with the help of cryptography experts at Stanford University, the firm said, adding that it had been built with “privacy at its heart” and as such will never reveal account information to Google.

The second new tool, called Cross Account Protection, has been designed for incidents when hackers do make it inside a user’s Google account, the company said.

It will alert other apps and websites where users log in with their Google account, enabling them to take action to secure the account.

The system requires other services to implement it, which Google is encouraging platforms which use Google sign-in to do.

The internet giant said it has worked with industry bodies the Internet Engineering Task Force (IETF) and the OpenID Foundation in order to make it easier for other sites and apps to introduce it.

Kurt Thomas, a Google security and anti-abuse research scientist, said: “Your privacy and security is of the utmost importance.

“With technologies like Password Checkup and Cross Account Protection, we’re continuing to improve the security of our users across the internet, not just on Google- and we’ll never stop improving our defences to keep you safe online.”

Additional reporting by agencies

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in