Google recently announced Password Checkup—a Google Chrome extension that helps protect your online accounts from hackers. Once installed, the extension is triggered each time you log into a new site, regardless of where you are on the Internet. Whether you’re logging into your WordPress site or your bank account, Password Checkup cross-references your login credentials across 4 billion other credentials that have been suspected of or linked to a data breach in the past. If it locates a match anywhere on the Web, it will alert you, and request that you change your details right away.
An extension like Password Checker is crucial because malicious online attacks are happening at alarming rates. Panda Security found that there are 230,000 new malware samples being launched every single day, and according to IBM, there are 1.5 million cyber-attacks each year. And by 2021, the cost of cyber damage will be an estimated $6 trillion.
Some of the biggest hacks in history are a testament to this. Yahoo’s hack breached 3 billion user accounts; Marriot International compromised 500 million customer accounts; and Equifax’s data breach affected 143 million. Big companies like these aren’t the only ones susceptible to a hack. Every year, 60% of small businesses are getting hacked, largely because they are much easier targets.
“Up-to-date software is only as secure as the passwords you create to control and govern access. Although almost any password can be exploited through brute force, the stronger your password, the more difficult cracking it will be. WordPress contains an excellent password generator within the dashboard, or a website such as Strong Password Generator is a good alternative,” said Dreamhost, a global WordPress web hosting company.
When a breach happens, however small or big, it’s impossible to know if you were affected, and to what degree you were affected. While there are other extensions much like Google’s Password Checker, users can feel comfortable knowing data is stored with a reputable organization that they already know and trust. And Google emphasizes its use of encryption in its extension—meaning that Google can never see any of the passwords you’ve stored. Furthermore, other applications and extensions that are similar, like Have I Been Pwned and 1Password, come with a cost, making the free Password Checker a more viable option.
Today, users have a wide variety of credentials across dozens of online services and applications. As a result, password management has become much more of a nuisance. It’s not uncommon to create accounts with companies or sign up for trial services, and forget that you ever handed over data to those companies. In fact, password management has become such a pain for the average consumer that it leaves a gaping hole of vulnerability for hackers.
And yet, although many advancements have been made towards creating safer online environments, many companies still use the standard username and password login credentials. At a surface level, it’s easier for companies to implement, and it’s user-friendly—particularly for those who don’t understand, and therefore shy away from, two-factor authentication. The issue is that many of these passwords are stored insecurely by providers, and each time you give out your password, you’re opening yourself up to just one more vulnerability.
LastPass is a company that offers a desktop app and Chrome extension to help users store their passwords, and eliminates the need to remember each one. Here’s how it works: whenever you log into a website, the extension asks if you’d like it to remember the password. It then encrypts the password and uses that encryption to fill in password details for a website you’ve allowed it to remember. This setup is different than allowing your computer/browser to remember the password, because it has a deeper level of encryption and safety. Because it’s cloud-based, it also makes it easy to access your roster of passwords from any computer when you log into LastPass platform.
According to research conducted by LastPass, the average user on its platform has 191 passwords. That’s 191 different opportunities for a password to be compromised. Another issue users face today is that they use the same username and password for multiple accounts, meaning that if a hacker gained access to one account, chances are you have the same login credentials for other types of accounts, too. LastPass warns you when you’re using the same password and login, as well as generates new passwords for you to help you switch up and deepen the strength of your passwords.
With that in mind, Password Checker and other extensions and apps like LastPass complement each other well, and can go a long way towards protecting your identity and online integrity.