PassProtect: This Google Chrome plugin will check if your password is secure
When it comes to passwords for various online account, many of us make mistakes and often choose passwords, which are perhaps too easy and can be easily cracked. Now, a Google Chrome extension will alert users if their password is weak and one that was previously breached online. Security company Okta has released a new plugin for Google Chrome called PassProtect, which can help protect a user’s password by warning them if it is weak and needs to be changed.
PassProtect relies on the database called HaveIBeenPwned, which has been created by Troy Hunt. The database has a list of all passwords that have been leaked over the years. Hunt is a cyber-security expert and Microsoft’s Regional Director. The PassProtect plugin works by matching the user’s password against the list of leaked passwords from this data.
Okta announced the new plugin a blogpost last week. Users can go to the Google Chrome Webstore and add the Chrome extension to their browser. Okta says the PassProtect plugin works with “a real time, as-you-type notification,” and alerts users if they are using a risky, weak password.
For example if your password is something simple like Password123, the plugin will alert this has been breached in the past and a user should fix the same. PassProtect does this without compromising privacy, claims the company and the “passwords are never seen, stored, or sent over the network during this checking process.” PassProtect’s tracking system involving HaveIBeenPwned will also allow developers to add the improved functions directly into their website or app.
When it comes to passwords, it can be challenging coming up with newer ones. However, it is recommended that users should not have their first name or last name in the password, and this is a fairly common practice. Users can rely on apps for managing their passwords as Last Pass, Keeper, etc to manage their passwords. Some apps can also generate complicated passwords, which can be useful especially for websites, accounts that users might not be accessing on a daily basis.