Google Chrome Plug-In Informs You Whenever Hackers Have Your Password


Passwords. We're notoriously not great at them, even in the year 2018. While two-factor authentication and password managers are useful tools, it seems we need all the help we can get.

When choosing a password, experts recommend that you instead create a passphrase, something lengthy and hard to crack. But previously hacked passwords travel around the internet with ease, no matter how long they are, so you could still be in trouble.

Login management company Okta has developed and released a browser plug-in called PassProtect. The plug-in can tell users how many times a password has been exposed in a previous data breach, CNET reports

PassProtect leaps to action when you go to log in to a website and when you enter in the password, a window will pop up with a warning letting you know that this particular password has been found in 37 data breaches.

It's up to you whether to dismiss the message and keep using a risky password or change it. The message from PassProtect won't pop up again if you choose to keep the exposed password.

But since you're giving PassProtect access to your passwords, how do you know that this browser plug-in is secure?

The technology Okta uses to run the browser plug-in is similar to the tech that most websites use to process your password when you log in. This includes a hashing algorithm, turning your password into a random string of characters that's difficult to reassemble. PassProtect takes the five characters within that string to the database Have I Been Pwned, which is a collection of half a billion hacked passwords, and finds ones with the same five characters.

For now, the plug-in only works with Google Chrome, but Okta plans to create a version for Firefox soon.