MENUMENU

Download Google’s new Chrome extension to safeguard your passwords

Google logo

Lock down your data.

If a hacker wants to get access to your personal data or login credentials, they might try a phishing attack—one of the oldest tricks in the book. Because it hinges on deception over technical skill, phishing is a difficult security risk to prevent, but Google may have found a way.

In a phishing attempt, a malicious actor tricks you into offering up sensitive data like a password or credit card number by pretending to be a legitimate website, company, or contact.

As part of an anti-phishing campaign, Google just launched a Chrome extension called Password Alert that will help prevent attackers from accessing your Google accounts. 

Password Alert compares a hashed version of your password (a string of anonymized data that corresponds to your password) to whatever you type into a Web page. If it recognizes your password after you’ve submitted it to a malicious site, it will show you an alert saying you need to reset your password.

Google

It’s not completely perfect—as the Verge notes, if you use the same password as your Google account on multiple websites, you’ll get an alert anytime you try and sign into them. That’s ill-advised anyway, so Google is really doing you a favor and reminding you to have different passwords for different sites.

Additionally, it only works after you’ve entered your password, so you’ll need to change your credentials immediately. And it’s always smart to have two-factor authentication enabled on your accounts (do that for Google here), so even if an attacker has your login info, they won’t be able to gain access without additional authorization. 

H/T The Verge | Illustration by Fernando Alfonso III

Selena Larson

Selena Larson

Selena Larson is a technology reporter based in San Francisco who writes about the intersection of technology and culture. Her work explores new technologies and the way they impact industries, human behavior, and security and privacy. Since leaving the Daily Dot, she's reported for CNN Money and done technical writing for cybersecurity firm Dragos.