New Google Chrome extension will tell when hackers get your password

google chrome update
Google Chrome logos illustration Max Pixel

A cloud software company called 'Okta' has developed a new Google Chrome extension which will tell whether your password has been hacked or not. As of now, the extension called 'Pass Protect' is only available in Chrome but, the developers hope to launch it for Firefox and a mobile app soon.

How does it work?

After downloading 'Pass Protect', users should add it to the Google Chrome extension. Once the user enters their username and password on a website, the extension will analyze the safety of it and will let the user know if their password is unsafe. If the user dismisses the unsafe warning, the pop up will never appear on the screen during log n on that particular website.

Otka is also planning to release a source code for developers soon so, that they can use it on any website. The company believes that popular websites will use this extension to spot compromised usernames and passwords.

'Pass Protect' makes use of the 'Have I Been Pwned?' database, a free service that checks whether hackers have obtained your account credentials or not. This service has already logged about half a billion unsafe passwords that have been used in common data breach incidents.

'Pass Protect' applies a hashing algorithm to your passwords, which will be later turned into an encrypted string of characters. It then sends the first five characters of your password to the Pwned database and will check whether the password is vulnerable.

However, the available version of 'Pass Protect' will not analyze the usernames and the developers have revealed that this option will be soon coming in the future.

A recent survey has unveiled the common trends in password creation among people. According to the survey, people used to select passwords inspired by their love life, pop culture, common brands and even football teams.

A month back, Russia-based cyber security company Kaspersky Labs have revealed that unencrypted user data transmitted through insecure HTTPS is at elevated risk of hacking. The company warned that unencrypted data may include personal details like name, age, passwords, usernames and gender. Researchers at Kaspersky also advised users to use a Virtual Private Network to solve this problem.

Even, there was a news related to an Iranian hacking syndicate, who hacked four Singapore Universities websites. Authorities revealed that the hackers who attacked those Universities were the same team who have previously stolen 31 terabytes of academic data and intellectual property from other educational institutions across the world.

This article was first published on May 24, 2018