Google’s password manager is responsible for syncing across Android and Chrome and now it is adding another feature called “password checkup” that will analyze user’s logins to ensure their accounts haven’t been compromised in any security breach, as they are happening all too often now. The “password checkup” was available already as an extension, however, Google is now incorporating it into their account controls. The “password checkup” will be featured at passwords.google.com – the URL shortcut for Google password manager.
The login credentials of users are compared with the millions of recorded compromised accounts that were a part of such breaches. Google also revealed it monitors the dark web to an extent for collecting passwords, yet the password checkup’s larger part of the database that is compared against comes from sifting the open web.
If Google finds that your password has been compromised in a breach, it will encourage you to immediately change it. Same is the case if Google notices that you reuse passwords, which is discouraged, everything needs a unique login.
And it always does, Google will notify users if their accounts had weak passwords. For extension, passwords sent to Google were hashed and encrypted.
Google had partnered with The Harris Poll, as a part of the Cybersecurity Awareness Month, to understand about the password habits of US users and the results came out pretty worrisome. A lot of people still included content in their passwords that are easy to guess like a birthday, middle name, pet’s name, etc. Very few people use extra security measures such as the two-factor authentication- around 37% of people use it with 15% using password managers. Around 66% of people told they used the same password for multiple online accounts. In case of sharing passwords with a significant other, only about 11% revealed that they changed it after a breakup, such as for Netflix.
The main objective of Google is to discourage password reuse as it could put users in a compromising position should even one of them be endangered. If users aren’t trusty of digital password managers, they should write their passwords and keep it somewhere only they know.