Change your passwords often? Of course not — you’re too busy logging in safely and securely, after all. But for the well-intentioned majority of us too busy procrastinating to update their insecure passwords, there’s help from Google in the form of a new Chrome web browser extension called Google Password Checkup.
Google Chrome already has built-in password management support, meaning you can generate, store, and update your usernames and passwords using Chrome itself — just head to your Settings page and hit the Passwords box. Google Password Checkup functions as a helpful second layer of security, telling you when your passwords have been compromised, and reminding you to change them before it’s too late. To figure out which passwords are secure, Google keeps an encrypted database of passwords known to be compromised, and compares it to your own credentials (which it also encrypts). The actual comparison is done locally, in the Password Checkup extension, so no personal information is transmitted during the checkup process. If it finds a match, the extension will suggest you change your password immediately.
You don’t have to do much to benefit from the extension, either. “Whenever you sign in to a site, Password Checkup will trigger a warning if the username and password you use is one of over 4 billion credentials that Google knows to be unsafe,” said Google in its announcement post. From there you can either create a new password full of random characters — with Google’s help — or ignore the reminder until something terrible happens to your online account.
If you think an extension will save you from the ills of bad online security habits, you’re greatly mistaken. While Google’s Password Checkup will fix your login information, it can’t protect you from data breaches in the first place. For that, you’ll need to adopt better security habits, including changing your password periodically and enabling two-factor authentication on your accounts to add yet another layer of protection.