Early in 2019, Google introduced Password Checkup to warn of breached third-party logins. Originally a Chrome extension, the tool was integrated into its online password manager and later the browser itself. Next month, Google will sunset the dedicated Password Checkup Chrome extension.
Given password reuse, more than just one login is often exposed by third-party data breaches. Google scours the web for those leaks to look for first-party compromises so that users can reset their logins. The Password Checkup tool brings that kind of protection to your other online accounts.
When users sign-in with an unsafe password, a red Safe Browsing-like dialogue appears to prompt them to “Change your password” as the extension icon turns bright red. The tool works in a privacy-preserving manner where personal information is never revealed to Google.
In October of last year, Password Checkup was integrated with the Google Account Password Manager, which also warns about reuse and weak credentials. Visiting passwords.google.com lets you run the tool, while Chrome 78 integrated the remaining, at sign-in extension functionality directly.
With that integration, Google recently issued a “Sunset announcement” for existing extension users:
Now that Password Checkup is integrated into Chrome, we will be sunsetting the Password Checkup extension on August 31, 2020. After this date, the Password Checkup extension will be disabled and no longer report whether a username or password has been in a data breach. In order to continue receiving warnings, users should instead sign-in to Chrome. Users must also ensure that Chrome is up to date and that the Chrome security setting ‘Warn you if passwords are exposed in a data breach’ is enabled (default unless previously changed).
A convenient “Uninstall now” button is also provided. Google last year said that the extension had been downloaded over a million times.
FTC: We use income earning auto affiliate links. More.
Comments