12.5 C
New York
Friday, May 22, 2020
Home News 1.5% of Chrome users’ passwords are known to be compromised, according to...

1.5% of Chrome users’ passwords are known to be compromised, according to Google

1.5% of passwords used in Chrome are unsafe and have been released in data breaches, according to new information from Google.

In February, a new feature was introduced to the Google Chrome browser which checks whether users’ passwords are secure. Password Checkup is a free download that scans a database of 4 million compromised passwords and informs users if their password is among them and they need to change it. The database of passwords is collated from known third-party data breaches and when a user enters their password, it is checked against the list.

Now, Google has released eye-opening stats gathered from Password Checkup. Over 650,000 users have downloaded the tool, which has flagged more than 316,000 passwords as unsafe. That’s 1.25% of sign-ins which were made using passwords known to be compromised. This included sign-ins for “some of [users’] most sensitive financial, government, and email accounts” and covered “shopping sites (where users may save credit card details), news, and entertainment sites.”

A particular problem was people reusing passwords. People were more likely to reuse passwords outside of the most popular sites — 2.5 times more likely, in fact. The reuse of passwords makes it much easier for hackers to access accounts using a technique called credential stuffing.

Even when users were warned by Password Checkup that their passwords had been compromised, only 26% of them opted to reset their passwords. On the plus side, 60% of new passwords entered were relatively secure and would require more than a hundred million attempts to guess randomly. Previously, less than 20% of new passwords achieved this level of security.

Google announced it would be adding new features to make Password Checkup, including a comment box for giving quick feedback and more data privacy controls. The extension should never be able to learn the passwords of the users it checks for, but now users can opt out of all anonymous telemetry reports.

If you are concerned that an account you use may have been compromised, you can use the free tool HaveIBeenPwned to check. And if you are looking for a way to keep your passwords secure and to create secure passwords quickly, then you can use a password manager such as LastPass or 1Password.

Editors’ Recommendations

  • Slack is resetting user passwords in response to a 2015 data breach

  • The best password managers for 2019

  • How to change your Gmail password

  • Millions of Instagram influencers reportedly had private data exposed online

  • Flipboard hack prompts password reset for millions of users


Weathering the COVID-19 storm for small businesses

From establishing internal COVID-19 policies to ensuring that your website’s host can effectively service your website, small businesses can sustain themselves by using proactive approaches...

Xiaomi Mi 10 review: Falling just short of greatness

The Mi 10 has a lot to offer, but the 108MP camera alone isn't enough to give it an edge

This might be our first look at the Samsung Galaxy Note 20

It may arrive with a significantly larger display than its predecessor.What you need to knowAlleged CAD-based renders of the Galaxy

Verizon’s Galaxy A71 5G will reportedly have the Qualcomm Snapdragon 765

There is no word yet on whether the U.S. Galaxy A51 5G variant will feature the same chipset.What you need