Google has added some seriously useful new password protections to its hugely-popular Chrome browser. For the first time, Chrome will now want users when their password has been stolen and published online in a data breach.
Chrome already warns users when they attempt to reuse passwords in the built-in Password Checkup tool. This is designed to stop the same email address and password combination cropping up time and time again for different online accounts. You can check your details right now by visiting passwords.google.com.
While that might make it easier to login, it means hackers could gain access to a whole heap of accounts with a single set of details.
Building on this, Google will now include the same feature inside the Chrome browser, so whenever you log into a website with the same password or email address as you’ve already used for another online account, Google will flag-up the potential security risk.
Not only that, but Google Chrome can also now inform you as soon as your password crops-up in a batch of leaked data shared online by criminals. To do this, Google monitors a whole host of sites known to be used by cybercriminals to dump stolen usernames, email address and passwords to enable others to login and attempt to break into online accounts.
If you’d rather not use the feature, it can be enabled and disabled in the sync settings in Chrome.
Google says it’s using strongly encrypted copies of any passwords to match them –so your details won’t be at risk with all of these comparisons and checks going on behind-the-scenes with your web browser. That said, it’s nice the Mountain View-based company has provided the option to stop the practice. Although, if you’re in the habit of reusing the same details for multiple accounts – or have had your login credentials stolen in the past, it’s well worth leaving this option enabled.
And finally, Google is also boosting is phishing protections. Phishing is the nefarious practice of tricking users into handing over sensitive information – like login details, or financial information. This allows cybercriminals to siphon off important details and use them to login to your accounts.
In the past, we’ve seen fake iTunes, Gmail and Netflix login pages designed to trick users into inputting their details. Chrome already flags-up any suspicious phishing sites, but Google says it’s improving the process behind the scenes to make it more accurate. Google currently updates a local blacklist of websites every 30 minutes. To avoid detection, some phishing sites have learnt to switch domains very quickly or hide completely from Google’s web crawlers – allowing them to slip under the 30-minute refresh window and leaving users unwarned about the dangers.
To solve this, Chrome will now anonymously check the URL of any websites you visit that aren’t on its safe-list – a local list of thousands of popular websites known to be safe that are downloaded when you install Chrome on your machine. According to Google, this new process has resulted in a 30 percent increase in protection as users are now warned about newly discovered malicious sites as soon as possible, rather than in 30-minute batches.
Google Chrome should update itself automatically. But you can check you’re running the correct version by clicking on the three-dots in the top right-hand corner of any browser window and clicking on Settings in the dropdown. This menu will then tell you the current version you’re running, with the option to Update Chrome if you’ve missed out on Chrome 79.