At least 1.5% of online passwords are compromised, Google has found

(Image credit: Google)

Early this year, Google introduced the Password Checkup extension to its Chrome web browser, enabling users to automatically detect if the login details used online have been compromised.

New research from the tech giant has found that, in just the first month of the extension operating, 1.5% of the users (316,000) that installed and used the extension were using logins known to be unsafe – but Google is looking to change that.

When you take into consideration the billions of users that didn’t install the extension, and the likelihood that their login details are compromised as those that did, this is a rather alarming figure even as the popularity of password managers surged.

Regular checkups

The Password Checkup extension works by notifying users if they try signing into any website “using one of over 4 billion usernames and passwords that Google knows to be unsafe due to a third-party data breach”.

Both the checking of user login details, and the cross-referencing with the database of compromised details utilizes encryption to ensure that no information is stored locally or remotely with Google.

Currently, users wishing to use this feature will need to install the extension themselves and opt-in, and the functionality is limited to platforms that support extensions at all (Chrome for Android doesn’t, for instance).

However, as discovered by 9to5Google, the Chromium Bug Tracker is showing evidence that Google will integrate this feature into Chrome directly (specifically, in October’s release of Chrome 78), allowing it to become available by default to many more users.

Chrome, though, isn't the first browser to boast a tool like this. A similar feature (Monitor) already exists in Mozilla’s Firefox web browser, in partnership with the website and database HaveIBeenPwned, and it was recently discovered that improved integration with Monitor and the browser’s password manager will roll out in a future release.

TOPICS
Harry Domanski
Harry is an Australian Journalist for TechRadar with an ear to the ground for future tech, and the other in front of a vintage amplifier. He likes stories told in charming ways, and content consumed through massive screens. He also likes to get his hands dirty with the ethics of the tech.