Anyone who has a presence on the internet is likely to be suffering from breach fatigue.
Data leaks are reported in the headlines on a daily basis, and users can feel so overwhelmed by the sheer number of breaches that they feel there’s little they can do to keep ahead of hackers. After all, it can almost feel like a full-time job determining if your online accounts might be at risk from the latest hack, or reviewing your login credentials to ensure that you haven’t made the mistake of reusing the same password in multiple places.
Recent revelations like the discovery of the Collection #1 data set of approximately 800 million email addresses and tens of millions of passwords can make the problem seem monumental, even if many of the passwords may have been collected from breaches that took place years ago.
However, Google believes that technology can play its part to help better alert users who are at risk, and reduce the chances of accounts becoming compromised through the phenomenon of “credential stuffing” or “password reuse” attacks.
The tech giant has this week released an optional extension for the Google Chrome browser that will trigger a visual warning if it determines you are using a username/password combination that it knows to be unsafe.
The Password Checkup Chrome extension (available for free from Chrome’s extension web store here) watches as you enter your username and password on a website, and – if it determines they have been exposed in a past data breach (even if that breach occurred at a different website) – display an alert telling you to reset your password.
Wisely, the extension also suggests that if you use the same username and password for any other accounts you should also reset your password there too.
Password (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Graham Cluley. Read the original post at: https://www.tripwire.com/state-of-security/featured/google-chrome-extension-warns-if-your-password-has-been-leaked/