Google has released a new Chrome extension “Password Checkup” that warns users if their account username and passwords are known to be unsafe and leaked as part of past data breaches.
If a user attempts to sign into a site, Password Checkup will pop-up a warning to the user if the username/password combination is included in over 4 billion leaked credentials that Google believes is unsafe.
“Password Checkup needs to query Google about the breach status of a username and password without revealing the information queried,” Google noted in blog post on Tuesday.
The optional Chrome extension includes a “privacy preserving protocol” jointly developed with Stanford University cryptography experts to help keep passwords safe.
Password Checkup uses “multiple rounds of hashing, k-anonymity, and private set intersection with blinding” to help ensure a user’s username/password does not leak online while using the extension.
Google provided an easy 4-step process to help protect your account as illustrated in the graphic below:
You can download the Password Checkup extension here.