Moreover, just in case someone obtains the person's passwords, using two-factor authentication (2FA) will still prevent other people from controlling user's accounts.
If the password is involved in a breach that Google is aware of, the extension issues a warning to let you know that resetting the password is recommended, thus making sure that hackers wouldn't get access to your data. Consider using a password manager, like the one built into your Chrome browser, to help you safeguard and keep track of all the passwords for your different online accounts. Google, too, has seen such attacks, reporting to have blocked attacks on almost 110 million users in the past with the same database of four billion leaked credentials that it's now using to power the Password Checkup tool. "We also launched our Digital Wellbeing app that helps users understand their online habits so that technology can help them rather than hinder them in their daily lives", adds Mgwili-Sibanda. With this new Chrome extension the company aims to keep the Google Accounts safe by proactively detecting and responding to security threats.
One of the most common problems is a password breach.
According to Google, the extension doesn't check individual usernames and passwords, but both items at the same time, as a combo. But again, a majority (33%) of people have never used an online tool such as Google Security Checkup to review their online security settings, with another 13% only referring to them less than every 6 months. "For example, we notify you when you've granted access to third-party sites or apps, but it's really important for you to understand the information that you share with these apps or sites".
With it, Google will tell apps and sites that have implemented the login option that an account was hijacked. A new tool called Cross Account Protection will trigger notifications for security events like account hijacking so that you can be better protected. Further technical details about Password Checkup can be found on the Google Security Blog.
"Your privacy and security is of the utmost importance", says Kurt Thomas, security and anti-abuse research scientist at Google. We only share basic information about the event, like whether your account was hijacked, or if we forced you to log back in because of suspicious activity.