The popularity of Google’s Password Checkup Chrome extension has spurred the company to build the technology into Google Account’s Password Manager and the Chrome browser.
Unlike the Chrome extension, these new implementations won’t just point out unsafe username/password combinations due to known third-party breaches, but will also warn users about widely (re)used and weak passwords and provide actionable recommendations to improve their security.
Solving password problems
Passwords are here to stay. And, unfortunately, bad habits related to their use are a big problem.
According to a recent Google / Harris Poll, 24 percent of Americans are still using common passwords, 59 percent use easily guessable or discoverable information in passwords (names, birthday dates), and 43 percent have shared their password with someone else.
Only 15 percent of the respondents use a password manager and only 37 percent use two-factor authentication, despite the fact almost half of them say their personal information has been compromised online and 47% of those say that they’ve lost money due to the compromise.
Finally (and sadly), only 45 percent of the respondents would change their password to an online account following a data breach.
There are services out there that can help users check whether their email address was involved or whether their password was exposed in a publicly known data breach.
Google has now built such a service into users’ Google Account’s password manager and will soon bring the feature directly into Chrome (though it won’t work unless users use their Google account as a Chrome profile).
Password Checkup will automatically check saved passwords for security issues and warn users about them and suggest a password change.